18Ara
Metasploit: java_signed_applet attack hangs after user response
I am trying to perform a client side attack with Metasploit on a 32 bit Windows 7 Professional N (SP1) victim. I have Windows Defender and Firewall disabled and Java Control Panel Security set at Medium on the victim.
On the attacker machine, I am utilizing the exploit/multi/browser/java_signed_applet
module with the windows/meterpreter/reverse_tcp
payload. I have SRVHOST
and LHOST
set to the IP of the attacker machine.
I left everything else as default. I get the security warning on the victim machine but once I accept the risk and click Run nothing happens, metasploit just hangs at Sending SiteLoader.jar. Waiting for user to click...
Any pointers is appreciated on how I could troubleshoot this further, thanks.