Easiest way to get Remote Access using Kali
Get remote access to your friend’s PC/Laptop now you can do it
easily using Kali with MetaSploit and Suberfurg.Easiest way to get
Remote Access using Kali.

This will simulate one way that hackers can gain access to a target machine by having them visit a
malicious website. As soon as a client visits this webserver, Subterfuge automatically runs a slew of
browser attacks through the Metasploit Framework’s Browser AutoPwn module at the client.
If one (or more) of the attacks succeed, we will usually get a full remote command shell to the client
system.
Let’s get started
First we will need to install Subterfuge.
Subterfuge was one of the programs removed from the Backtrack platform. It was present in
Backtrack 5 but removed in the switch to Kali, most likely as there are other programs in Kali that do
similar things. From reading the online forums, it sounds like Subterfuge could possibly be added
back in at some time. But the install isn’t that hard.
Let’s go ahead and download & install Subterfuge:
Download Subterfuge
( http://code.google.com/p/subterfuge/downloads/list)
2. Go ahead and save it in the root.

3. Now extract the file with the tar –xvf command.
4. Now change to the Subterfuge directory and run the install with Python:

5. The graphical install interface will show up. Click the Full Install with Dependencies and
then click, “Install”:

6. When the install routine is complete click “Finish”.

7. Now go ahead and run Subterfuge:

8. Now you are given a screen showing that the server is up and running:

9. Now open Iceweasel and surf to 127.0.0.1:80. You are greeted with the main Subterfuge
interface:
Notice there is a place to display usernames and passwords, a Modules and Settings menu and a
Start button.
There are several different attacks we can perform all found under the Modules menu. We can modify
how Subterfuge functions with the Settings menu, and Start initiates some of the attacks.
Browser Autopwn
Let’s try the Browser_Autopwn attack. In it, Subterfuge starts a rogue server and will load in a ton of
different client side browser attacks and use them against any client that tries to connect.
1. Click on the “ Modules” menu.
2. Click on the “HTTP Code Injection” icon.
3. We will be greeted with the Plugin Settings. Leave it at the defaults of “browser_autopwn”
and “IFrame Injection” and click “Apply”.

4. Subterfuge automatically opens a shell window and starts loading Metasploit.

5. The Metasploit Exploits are loaded and prepared :

After a while you will see a screen that says:
[*] — Done, found 64 exploit modules
[*] Using URL: http://0.0.0.0:8080/
[*] Local IP: http://192.168.198.131:8080/
[*] Server Started.
Found 64 exploits – What this means is that Subterfuge is armed with 64 different exploits to attempt
when someone connects to our Kali system.
6. If a victim surfs to our subterfuge webpage (from a Windows 7 system in this example), the
browser_autopwn attack kicks off and automatically starts to fire numerous exploits at the
browser as seen below:

7. To see if any of them worked, we can run the sessions command:

As you can see the exploits were able to open three active remote sessions!
Let’s pick one and see if it truly worked. We will use session 1, just type “ sessions -i” and the
session id number we want.

And it worked. As you can see above I also typed shell to open a remote command prompt.
Conclusion
In this section we used Subterfuge to perform an automated browser attack. Subterfuge created a fake website, started Metasploit and ran the “Browser Autopwn” module creating a possible 64 exploits.
When the client connects, Metasploit tried numerous client attacks against our victim and in the end
was able to create three fully functional remote shell connections.
In real life you would most likely have to social engineer you target and convince them to visit the
Subterfuge site either via e-mail link or a phone conversation.
This is just one of the things that Subterfuge can do. You can also perform several other attacks
including Man-in-The-Middle type attacks. Take some time and play with the different options to see
what you can do.
This will simulate one way that hackers can gain access to a target machine by having them visit a
malicious website. As soon as a client visits this webserver, Subterfuge automatically runs a slew of
browser attacks through the Metasploit Framework’s Browser AutoPwn module at the client.
If one (or more) of the attacks succeed, we will usually get a full remote command shell to the client
system.
Let’s get started
First we will need to install Subterfuge.
Subterfuge was one of the programs removed from the Backtrack platform. It was present in
Backtrack 5 but removed in the switch to Kali, most likely as there are other programs in Kali that do
similar things. From reading the online forums, it sounds like Subterfuge could possibly be added
back in at some time. But the install isn’t that hard.
Let’s go ahead and download & install Subterfuge:
Download Subterfuge
2. Go ahead and save it in the root.
4. Now change to the Subterfuge directory and run the install with Python:
5. The graphical install interface will show up. Click the Full Install with Dependencies and
then click, “Install”:
6. When the install routine is complete click “Finish”.
7. Now go ahead and run Subterfuge:
8. Now you are given a screen showing that the server is up and running:
9. Now open Iceweasel and surf to 127.0.0.1:80. You are greeted with the main Subterfuge
interface:
Notice there is a place to display usernames and passwords, a Modules and Settings menu and a
Start button.
There are several different attacks we can perform all found under the Modules menu. We can modify
how Subterfuge functions with the Settings menu, and Start initiates some of the attacks.
Browser Autopwn
Let’s try the Browser_Autopwn attack. In it, Subterfuge starts a rogue server and will load in a ton of
different client side browser attacks and use them against any client that tries to connect.
1. Click on the “ Modules” menu.
2. Click on the “HTTP Code Injection” icon.
3. We will be greeted with the Plugin Settings. Leave it at the defaults of “browser_autopwn”
and “IFrame Injection” and click “Apply”.
4. Subterfuge automatically opens a shell window and starts loading Metasploit.
5. The Metasploit Exploits are loaded and prepared :
After a while you will see a screen that says:
[*] — Done, found 64 exploit modules
[*] Using URL: http://0.0.0.0:8080/
[*] Local IP: http://192.168.198.131:8080/
[*] Server Started.
Found 64 exploits – What this means is that Subterfuge is armed with 64 different exploits to attempt
when someone connects to our Kali system.
6. If a victim surfs to our subterfuge webpage (from a Windows 7 system in this example), the
browser_autopwn attack kicks off and automatically starts to fire numerous exploits at the
browser as seen below:
7. To see if any of them worked, we can run the sessions command:
As you can see the exploits were able to open three active remote sessions!
Let’s pick one and see if it truly worked. We will use session 1, just type “ sessions -i” and the
session id number we want.
And it worked. As you can see above I also typed shell to open a remote command prompt.
Conclusion
In this section we used Subterfuge to perform an automated browser attack. Subterfuge created a fake website, started Metasploit and ran the “Browser Autopwn” module creating a possible 64 exploits.
When the client connects, Metasploit tried numerous client attacks against our victim and in the end
was able to create three fully functional remote shell connections.
In real life you would most likely have to social engineer you target and convince them to visit the
Subterfuge site either via e-mail link or a phone conversation.
This is just one of the things that Subterfuge can do. You can also perform several other attacks
including Man-in-The-Middle type attacks. Take some time and play with the different options to see
what you can do.