In this recipe, you will learn how to use the Windows Meterpreter (Reflective Injection) and Reverse Hop HTTP/HTTPS Stage payload. This payload allows us to tunnel communication over an HTTP or HTTPS hop point. First, we need to upload the hop.php file located in the metasploit-framework/data/php/ directory to a remote server. I will use the DigitalOcean Droplet created in the previous recipe, but you can use any web server with PHP.
Metasploit PHP Hop
Getting ready
First, we have to install Apache and PHP, so we can use the following command:
root@Metasploit:~# apt install apache2 php7 libapache2-mod-php7
Next, copy hop.php to the /var/www/html/ folder and start the Apache2 service:
root@Metasploit:~# systemctl...