[youtube]=c-9IIfgVgCc[/youtube]
http://www.securitytube.net/video/7326[/center]
This exploit will present malicious files on a server and once we entice the victim to visit ourserver and open our file he will be injected with our malicious dll and we can have our payload running.
The webdav dll hijacker is located at exploits/windows/browser/webdav_dll_hijacking. Next set your payload as a windows/meterpreter/reverse_tcp and set the local host and the local port. In here I used the extension as ppt. Well once you enter exploit metasploit will start the server and once the victim visits our server he should see a powerpoint presentation in our case. When he opens it we should get our payload working.
To learn more about DLL security read this: http://msdn.microsoft.com/en-us/library/ff919712%28VS.85%29.aspx
[center]
