Windows: File Smuggling with HTML and JavaScript

A Kali GUI machine and a target machine server are provided to you. The IP address of the target machine is provided in a text file named target placed on the Desktop of the Kali machine (/root/Desktop/target).

Your task is to create a web page and javascript that allows a malicious executable to download on the target machine when a user visits an attacker's web server.

Objective: Exploit the target machine using file smuggling with HTML and JavaScript techniques.

Instructions:

Your Kali machine has an interface with IP address 10.10.X.Y. Run “ip addr” to know the values of X and Y.
The IP address of the target machine is mentioned in the file “/root/Desktop/target”
Do not attack the gateway located at IP address 192.V.W.1 and 10.10.X.1

Solution:

The solution for this lab can be found in the following manual: https://assets.ine.com/labs/ad-manuals/walkthrough-2396.pdf

PreviousCustom Undetectable Macro Development NextClient-Side Exploitation

Last updated 11 months ago