Metasploit  browser autopwn2

Metasploit browser autopwn2

welcome to hacking a rise as always I’m the laughing man so in the last post we talked about metasploit and share links or browser auto pwn we today we are going to talk about auxiliary/server/browser_autopwn2 the other autopwn module in Metasploit and the first one was out dated and wel so is this one but look there the odd chance it will work ya never know lads lol so let explain about it first and then get stuck in to using it

What is Metasploit browser autopwn2

Metasploit Framework includes a huge collection of client-side exploits, many of them are meant to exploit known vulnerabilities in web browsers and there is a module that has the ability to detect the version of browser the client is using and picks the best exploit to trigger, this module is browser_autopwn or browser_autopwn2, in its newest version.
credits to oreillys for this

How to use Metasploit browser autopwn2

First of all lads we need to start postgresql and Apache2 u can do this by typing service postgresql start & service apache2 start
starting services

Now if u have ngrok install start it cd ngrok ./ngrok http 8080 this forward your ports via ssh if you dont have ngrok then install it here
if you dont want ngrok you can use serveo for this we will be using as Im a lazy cunt lol
Metasploit  browser autopwn2 11

Now lads we start Metasploit so open a new terminal and type msfconsole .
Metasploit  browser autopwn2 12

Now we type use auxiliary/server/browser_autopwn2 & show options in to metasploit this gave u the options u need to set
Metasploit  browser autopwn2 13

Next job to do is set the host u want to listen on and the ports and the uri path ssl if need but not important as ngrok dose it for you 😉 so in metasploit type this

    set SRVHOST if using servro or ngrok put link here
    set SRVPORT 8080 put the port here from serveo or ngrok
    set URIPATH /

Metasploit  browser autopwn2 14

now for the fun part type exploit in to metasploit and with for the magic link to show up when it dose go back to ngrok and send the first link to target in are case we are using /8080
Metasploit  browser autopwn2 15

dont send to the target as its a thats local host it wont work over wan on on lan use ngrok or serveo or forward ur ports via router

final thoughts

Well tbh its not the best module in metasploit but it mite work but for me i not really kean on it in that case i will use beef-xss and link to setoolkit and metasploit gave this not been updated since 2015 when it was added to metasploit u think they update it or add a new one


This article is only for an Educational purpose. Any actions and or activities related to the material contained within this Website is solely your responsibility. The misuse of the information in this website can result in criminal charges brought against the persons in question. The Authors and will not be held responsible in the event any criminal charges be brought against any individuals misusing the information in this website to break the law.

Hi im the laughing man im a pentester and the owner of Hacking a rise

Leave a Reply