Vulnerability & Exploit Database

Back to search

HTA Web Server

This module hosts an HTML Application (HTA) that when opened will run a payload via Powershell. When a user navigates to the HTA file they will be prompted by IE twice before the payload is executed.

Free Metasploit Download

Get your copy of the world's leading penetration testing tool

 Download Now

Module Name

exploit/windows/misc/hta_server

Authors

  • Spencer McIntyre

References

Targets

  • Powershell x86
  • Powershell x64

Platforms

  • windows

Architectures

  • x86
  • x64

Reliability

Development

Module Options

To display the available options, load the module within the Metasploit console and run the commands 'show options' or 'show advanced':

msf > use exploit/windows/misc/hta_server msf exploit(hta_server) > show targets ...targets... msf exploit(hta_server) > set TARGET <target-id> msf exploit(hta_server) > show options ...show and set options... msf exploit(hta_server) > exploit