In this demonstration , I am going to show you that from even a very common XSS attach, how a we can gain access to whole system. For these I am using 2 Operating system one is Kali Linux and another is XP machine which will work as a client. For exploitation I will be using Metasploit Framework(console). For particular this exploitation there is one exploit named "ms10_046_shortcut_icon_dlllloader". Basically it is able to start the local server. That server will be serving the exploits to the victim. Once victim opens that URL, he will be hacked.
