Saturday 27 November 2010

How To Get a VNC Session Inside a Meterpreter Session While Still Having Access To The Meterpreter Command Line

If you don't know what VNC is, it's remote control software that lets you see and interact with desktop applications across any network.



In Metasploit there is a Ruby (.rb) script called vnc.rb, located at /opt/metasploit3/msf3/scripts/meterpreter/, that lets you control a remote computer through VNC. This script is all well and good, but it just creates a VNC session and that's it. It doesn't give you the option to carry on using Meterpreter, so I came across a script that lets you keep using Meterpreter in the background, which is useful when you still want to do background operations like uploading, downloading, and edits to the registry.


In the video:


I explain how to create the script and use it.
You can download the script from HERE; it's in .txt format.
Then, using nano, a console-based text editor installed in BackTrack, I create the scripts in the /opt/metasploit3/msf3/scripts/meterpreter/ location and give them the file extension .rb, which marks them as Ruby files.


Watch the video if unsure!


But there is a problem with this script if you want to be more hidden. The script spawns a command shell prompt on the victim's screen in plain sight. To get around this I modify the file to include this line:




mul.datastore['DisableCourtesyShell'] = true


Watch the video to see where to place it in the file.


To run the script from Meterpreter, just type "run <filename.rb>". A VNC screen is then created and you can control the remote machine, and if you go back to your Meterpreter session and hit Enter a few times you will still have your command line with full access :)

1 comments:

Gaurav Gupta said...

Please tell me the background music (album) name of this video "How To Get a VNC Session Inside a Meterpreter Session While Still Having Access To The Meterpreter Command Line"
