In the very first section of this chapter we saw two possible scenarios of exploitation. Either the attacker has direct access to the target system or the target system is behind the router/firewall and the attacker can reach only till the public interface of router/firewall.

In the case of the second scenario, the attacker has to send some kind of payload to the victim and trick him into executing the payload. Once executed, it will establish a reverse connection back to the attacker. This is a covert technique and involves the use of social engineering.

Kali Linux offers an excellent framework for performing various social engineering attacks. The social engineering toolkit can be accessed at Applications | Exploitation Tools | SET.

The initial screen of SET gives various options related to social engineering attacks as shown in the following image:

We select option 1) Social-Engineering Attacks and then we are presented with an array of attacks as shown in the following image:

We select option 4) Create a Payload and Listener and then select the payload Windows Shell Reverse_TCP. Then we set the IP address and port for the listener as shown in the following image:

SET automatically launches Metasploit and starts the listener. As soon as our victim downloads and executes the payload, a Meterpreter session opens up as shown in the following image: