You’ve just exploited your target. Now what? Let’s walk through a few tricks with the meterpreter. The Stdapi includes some interesting commands:
- download & upload
- clearev – clear event log
- getuid – get the current user id
- steal_token – steal an impersonation token from a process
- keyscan_start, keyscan_dump, keyscan_stop – key logger
- screenshot
- webcam_snap – take a snapshot from webcam
Exploit your target:

Download juicy info:



Grab A Screenshot:


Log some keys:


Throw a wrench into the recipe:
Before
Upload

The compromised recipe

Evidence it has been tampered with

Falsify the time stamps


As you can see, there are a number of interesting options after you’ve exploited your target. I will be adding additional entries showing what else you can do with this tool. More to come!!!!