How to use Metasploit for Post-Exploitation?

The Metasploit framework supports both exploitation and post-exploitation. After compromising a computer system, the next step for an ethical hacker is to conduct immediate reconnaissance and collect information about the network and the compromised system. The initial meterpreter shell is fragile and prone to failure over an extended period of time. Therefore, once a system is exploited, we need to migrate the shell and bind it to a more stable process, for example explorer.exe. This also makes detecting the exploit more difficult. At the meterpreter prompt, enter ps to obtain a list of running processes, as shown in the following screenshot:

The ps command also returns the full pathname for each process. This was omitted from the previous screenshot. That list identifies that c:\windows\explorer.exe is running. In this particular case, it is identified with the process ID of 1460, as shown in the following screenshot. Usually, this is a stable process, which is why we migrate the shell to it.
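From the defender's side, a shell moving into explorer.exe can surface in endpoint telemetry as a thread created in explorer.exe by another process. The following is an added example, not part of the original article: it filters constructed Sysmon-style Event ID 8 (CreateRemoteThread) records, and the sample events, the allowlist entry and the severity labels are assumptions made for illustration.

```python
import ntpath

# Constructed Sysmon-style records (Event ID 8 = CreateRemoteThread); not real telemetry.
SAMPLE_EVENTS = [
    {"EventID": 8, "SourceImage": r"C:\Users\bob\AppData\Local\Temp\update.exe",
     "SourceProcessId": 3120, "TargetImage": r"C:\Windows\explorer.exe",
     "TargetProcessId": 1460, "StartModule": "-"},
    {"EventID": 8, "SourceImage": r"C:\Program Files\ExampleAgent\agent.exe",
     "SourceProcessId": 2200, "TargetImage": r"C:\Windows\explorer.exe",
     "TargetProcessId": 1460, "StartModule": r"C:\Windows\System32\kernel32.dll"},
    {"EventID": 8, "SourceImage": r"C:\Windows\System32\csrss.exe",
     "SourceProcessId": 412, "TargetImage": r"C:\Windows\explorer.exe",
     "TargetProcessId": 1460, "StartModule": r"C:\Windows\System32\kernel32.dll"},
    {"EventID": 8, "SourceImage": r"C:\Tools\debugger.exe",
     "SourceProcessId": 5000, "TargetImage": r"C:\Windows\notepad.exe",
     "TargetProcessId": 5100, "StartModule": "-"},
    {"EventID": 1, "Image": r"C:\Windows\explorer.exe", "ProcessId": 1460},
]

WATCHED_TARGETS = {"explorer.exe"}                    # long-lived process named in the article
ALLOWED_SOURCES = {r"c:\windows\system32\csrss.exe"}  # hypothetical allowlist; tune per environment


def find_suspicious_injections(events, watched=WATCHED_TARGETS, allowed=ALLOWED_SOURCES):
    """Return remote-thread events that land in a watched process from an unlisted source."""
    findings = []
    for ev in events:
        if ev.get("EventID") != 8:
            continue
        source = ev.get("SourceImage", "")
        target = ev.get("TargetImage", "")
        if ntpath.basename(target).lower() not in watched:
            continue
        if source.lower() in allowed or source.lower() == target.lower():
            continue
        # A thread whose start address is not backed by a module on disk rates higher.
        unbacked = ev.get("StartModule", "-") in ("", "-")
        findings.append({
            "source": source,
            "source_pid": ev.get("SourceProcessId"),
            "target_pid": ev.get("TargetProcessId"),
            "severity": "high" if unbacked else "medium",
        })
    return findings


if __name__ == "__main__":
    for finding in find_suspicious_injections(SAMPLE_EVENTS):
        print(finding)
```
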



Now that we have a stable shell connection to the compromised system, we will use the meterpreter scripts that support post-exploitation activities. The first thing we need to ask ourselves is whether or not we are on a virtual machine. We can identify this by entering the command run checkvm in meterpreter. The command run checkvm is issued, as shown in the following screenshot. The returned data indicates that this is a VMware Virtual Machine.

Post-Exploitation Commands with Descriptions

run checkvm: Determines whether a virtual machine is present.

run getcountermeasure: Identifies the security configuration on the exploited system, for example antivirus, firewalls and so on.

run killav: Disables most of the antivirus services running on the compromised system. This script is often out of date.

run hostsedit: Allows us to add entries to the Windows HOSTS file. This can divert traffic to a different site (a fake site), which will download additional tools.

run winenum: Starts a command-line and WMIC characterization of the exploited system. It dumps the important keys from the registry and LM hashes.

run scraper: Gathers comprehensive information that has not been gathered by other scripts, such as the entire Windows registry.

run upload and run download: Allows the attacker to upload and download files on the target system.

run getprivs: Attempts to enable all of the privileges available to the current process. It is very useful for privilege escalation.

run getsystem: Attempts to elevate privileges to the Windows SYSTEM level; grants the fullest possible escalation of a user's privileges.

run hashdump: Dumps the contents of the SAM database on the attacker's system.

run getgui: Allows the user to enable RDP (getgui -e) and set the username and password (getgui -u). The gettelnet script can be run in the same manner.

run vnc: Gives the attacker a remote GUI (VNC) to the compromised system.
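Because hostsedit changes name resolution by writing to the HOSTS file, comparing that file against a known-good baseline catches the redirect described above. This is an added example, not part of the original article: the sample file content, the baseline and the function name audit_hosts are constructed for illustration.

```python
import ipaddress

# Constructed HOSTS content (on Windows the file is %SystemRoot%\System32\drivers\etc\hosts).
SAMPLE_HOSTS = """\
# constructed sample for illustration
127.0.0.1       localhost
::1             localhost
0.0.0.0         ads.example.net          # approved blocklist entry
203.0.113.25    update.example.com www.example.com
not-an-ip       broken.example.org
"""

# Constructed known-good baseline of (address, hostname) pairs.
BASELINE = {
    ("127.0.0.1", "localhost"),
    ("::1", "localhost"),
    ("0.0.0.0", "ads.example.net"),
}


def audit_hosts(text, baseline):
    """Return (line, address, hostname, reason) for every entry not in the baseline."""
    findings = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()   # drop full-line and trailing comments
        if not line:
            continue
        fields = line.split()
        try:
            addr = ipaddress.ip_address(fields[0])
        except ValueError:
            findings.append((lineno, fields[0], None, "unparseable address"))
            continue
        # One line may map several hostnames to the same address.
        for host in (h.lower() for h in fields[1:]):
            if (str(addr), host) in baseline:
                continue
            if addr.is_loopback or addr.is_unspecified:
                reason = "new sinkhole entry"
            else:
                reason = "hostname redirected to non-loopback address"
            findings.append((lineno, str(addr), host, reason))
    return findings


if __name__ == "__main__":
    for finding in audit_hosts(SAMPLE_HOSTS, BASELINE):
        print(finding)
```
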

More Scripts


One of the most effective meterpreter scripts is the Windows enumerator (winenum). As seen in the following screenshot, it uses both command-line and WMIC calls to fully characterize the target system:



In addition to the enumeration, the winenum script also dumps the registry and collects the system hashes for decryption, as shown in the following screenshot:

Meterpreter comes with several useful libraries that support complex functions. For example, the espia library supports screenshots of the compromised system via the use espia command.

The stdapi library allows a remote attacker to manipulate a webcam by collecting audio and video from the compromised system and relaying that data back to the attacker.
