Building your own payload
Working with BeEF or even within a standard web server facility on your device, you can use Metasploit's meterpreter capabilities to help you gain shell access to affected hosts. Meterpreter is a payload Metasploit can deliver into clients that work within the Dynamically Linked Libraries (DLLs) to establish a secure, covert channel for communications between the hacker and the target; it gives the hacker a Ruby-based shell to the target that can then be used to do the hacker's bidding. Why do we want this? In attacking web applications, lateral movement through their environment of clients can really help us gain a foothold, compromise trusted hosts, and find adjacent servers we can use to run complementary tasks, ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access