PyInjector Shellcode Injection attack on Remote PC using Social Engineering Toolkit

Note That These Commands used in Backtrack Linux Distro can also be used in any linux Distro just Edit the commands based upon how your Distro is setup apart from that Everything should work

PyInjector is a python tool that will take a command line argument similar to shellcodeexec that will allow you to paste native shellcode into the application and have it automatically execute the shellcode for you

Open your backtrack terminal & Type cd /pentest/exploits/set

Now Open Social Engineering Toolkit (SET). /set

Now we will choose option 5, “Update the Social-Engineering Toolkit

Now we will choose option 1, “Social-Engineering Attacks

Now we will choose option 2, “Website Attack Vectors

Now we will choose the option 1 the Java Applet Attack Method

Now we will choose option 2, “Site Cloner

Are you using NAT/PORT Forwarding: no

Enter the IP address to connect back on: (IP address of Your PC)

Enter the URL to clone: (but you can use any website to run the Java Applet)

Now choose 15 “PyInjector Shellcode Injection”, but you have several to choose from including your own program.

Port of the attacker computer. In this example I use port 443, but you can change to 4444

Select the payload you want to deliver via shellcodeexec press enter here

Now it creates the backdoor program, encodes and packs. It creates the website that you want to use and starts up a listening service looking for people to connect. When done, your screen will look like this:

Now an URL you should give to your victim

When the victim open that link in their browser, immediately it will alert a dialog box about digital signature cannot be verified like picture below.

You now have access to the victims PC. Use “sessions -l” and the Session number to connect to the session. And Now Type “sessions -i ID


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s