Using PowerShell for effective phishing
Windows PowerShell is a command-line shell for Microsoft Windows that is used for system administration. It uses cmdlets (commandlets) that are .NET classes to perform administrative tasks, and can access COM and WMI for local and remote administration. PowerShell can also be embedded within applications to make use of its abilities. PowerShell originated in 2006 when Monad (Microsoft Shell) was renamed to Windows PowerShell.
Making Microsoft Word phishing files
Download powercat (netshell features, all in version 2 PowerShell)
After loading powercat, use it to open a listener:
As a test, load Invoke-PowerShellTcp and execute it:
This returns a PowerShell shell directly. Next, build the Word file. Copy the client code from nishang's Invoke-PowerShellTcpOneLine.ps1, as follows:
Use Invoke-Encode.ps1 to encode it. Before encoding, remember to change the IP address and port to those of your own listener.
Copy the encoded code, which is as follows:
Load Out-Word.ps1 and generate the backdoored document. Note that each single quotation mark inside the payload needs an additional single quotation mark added to it.
When the Word file is run, it returns a reverse shell.
The resulting PowerShell shell can easily be upgraded to a Metasploit meterpreter session.
Making Microsoft Excel phishing files
First use msf web_delivery to open a PowerShell listener:
Use Out-Excel.ps1 to make the Excel phishing file:
http://192.168.52.129:8080 is the address of the service opened by msf. Run the Excel file to get the meterpreter session.
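For defenders, both the Word and the Excel procedure above end the same way: an Office application starts a PowerShell process. The following is an added example, not code from the original page, nishang or Metasploit, that triages process-creation events for that parent/child pair and decodes any encoded command for the analyst. Field names follow Sysmon Event ID 1; the sample events, file paths and the encoded string are constructed.

```python
import base64
import ntpath
import re

OFFICE = {"winword.exe", "excel.exe"}
SHELLS = {"powershell.exe", "pwsh.exe"}
# PowerShell accepts abbreviated parameter names, so match common prefixes.
FLAGS = {
    "hidden_window": re.compile(r"(?i)\s-w\w*\s+(?:hidden|1)\b"),
    "no_profile": re.compile(r"(?i)\s-nop\w*"),
    "policy_bypass": re.compile(r"(?i)\s-e(?:p|x\w*)\s+bypass\b"),
}
ENCODED = re.compile(r"(?i)\s-(?:e|ec|enc\w*)\s+([A-Za-z0-9+/=]{8,})")

def decode_encoded_command(cmdline):
    """Decode an -EncodedCommand argument (base64 of UTF-16LE text), else None."""
    match = ENCODED.search(cmdline)
    if not match:
        return None
    try:
        return base64.b64decode(match.group(1), validate=True).decode("utf-16-le")
    except ValueError:  # covers binascii.Error and UnicodeDecodeError
        return None     # undecodable: leave the raw command line for manual review

def triage(event):
    """Return a finding for an Office -> PowerShell launch, else None."""
    parent = ntpath.basename(event["ParentImage"]).lower()
    child = ntpath.basename(event["Image"]).lower()
    if parent not in OFFICE or child not in SHELLS:
        return None
    cmd = event["CommandLine"]
    flags = sorted(name for name, rx in FLAGS.items() if rx.search(cmd))
    return {"parent": parent, "flags": flags, "decoded": decode_encoded_command(cmd)}

# Constructed sample events (not real telemetry); the encoded command is benign.
_B64 = base64.b64encode("Write-Output 'constructed sample'".encode("utf-16-le")).decode()
_PS = r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"
_OFF = "C:\\Program Files\\Microsoft Office\\root\\Office16\\"
SAMPLE_EVENTS = [
    {"ParentImage": _OFF + "WINWORD.EXE", "Image": _PS,
     "CommandLine": "powershell.exe -nop -w hidden -enc " + _B64},
    {"ParentImage": _OFF + "EXCEL.EXE", "Image": _PS,
     "CommandLine": r"powershell.exe -ExecutionPolicy Bypass -NoProfile -File C:\Reports\refresh.ps1"},
    {"ParentImage": r"C:\Windows\explorer.exe", "Image": _PS,
     "CommandLine": "powershell.exe -enc " + _B64},
    {"ParentImage": _OFF + "WINWORD.EXE", "Image": r"C:\Windows\splwow64.exe",
     "CommandLine": r"C:\Windows\splwow64.exe 8192"},
]
FINDINGS = [triage(e) for e in SAMPLE_EVENTS]
```

Legitimate add-ins occasionally launch PowerShell from Office, so a finding is a triage lead to review alongside its flags and decoded text.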