Hack Remote PC using HTA Attack in SET Toolkit

The HTA Attack method will allow you to clone a site and perform powershell injection through HTA files which can be used for Windows-based powershell exploitation through the browser.

First open your kali Linux application tab in Post Exploitation chose SET Toolkit

Now choose option 1, “Social – Engineering Attacks

Now choose option 2, “Website Attack Vectors

Now choose option 8, “HTA Attack Method

Enter the IP address to connect back on: (IP address of Your PC)

Now select the payload I choose 1 Meterpreter reverse TCP

Now we will choose option 2, “Site Cloner and type the site name you want to be clone. Nad starting MSF listener automatically

Now you will get index.html and launcher.hta in /var/www directory.

Now move both file to var/www/html directory.


Now convert your URL into Bitly URL using bit.ly and send this link address to your victim via Email or Chat

When Victim Machine browsing to bitly URL it will ask you for Prompt to keep/Discard

Now you will get the meterpreter of victim PC. Now type sessions –l to display sessions opened when the victim opens the link

Now the session has opened type sysinfo to get system information, then type shell to enter into Victims command prompt.

Leave a Reply

Your email address will not be published. Required fields are marked *