Session interaction

After successful exploitation, a session will be opened and you'll get a notification on the Project tab bar:

  1. To view the opened session, you need to click the Sessions tab in the Project tab bar:

  1. To interact with any open session, just click on the Session [ID], as shown in the preceding screenshot. The features that are supported by the MSF web interface for session interaction can be seen in the following screenshot:

The following are the options you can use for session interaction:

  • Collect System Data: This option will let you collect system evidence and sensitive data such as passwords, system information, screenshots, and so on. This feature is only available in the Metasploit Pro version.
  • Virtual Desktop: This option will inject a virtual network computing (VNC) DLL and start a VNC service on the given port:

You can interact with the desktop running on the target system via this port:


Note: The user will be notified of incoming VNC connections.
  • Access Filesystem: Using this option, you can browse the filesystem. You can even upload, download, and delete files:

  • Search Filesystem: If you want to search for specific files or perform a wildcard search, you can use this option:

  • Command Shell: If you want to access the Meterpreter command shell, you can click on this button to open the command shell:

You can execute the commands in the given input box. The result will be displayed like so:

This window will only support Meterpreter commands. The System commands can be run using the shell command:

  • Create Proxy Pivot: Creating a proxy pivot is the same as adding routes for pivoting:

You can use this option if you want to connect to the internal network for further exploitation:

  • Create VPN Pivot: This option will let you create an encrypted layer-2 tunnel in the compromised machine and then route any network traffic through that target machine. This grants you full network access as if you were on the local network, without a perimeter firewall to block your traffic.
  • Change Transport: To change the transport mechanism of the session, you can use this option, as shown in the following screenshot:

First, you need to start a handler for the specific transport; otherwise, the process will fail.
  • Terminate Session: Once you use this option, the session will be terminated. To interact with the session, you will have to begin the exploitation process again.

Next, let's look at the post-exploitation modules that are available in the web interface.

..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset
18.188.241.82