Time
5 hours 38 minutes
Difficulty
Intermediate
CEU/CPE
6

Video Description

This brief session offers participants step by step instructions in how to explore meterpreter. Participants learn about commands for file systems, as well as other system commands such as environment variables. The instructor shows how to use to get system command, which doesn't work during the lesson so he shows participants what went wrong and how to make it work.

Video Transcription

00:04
Okay, so let's poke around the interpreter air fast a little bit,
00:07
See what kinds of things we can do here
00:10
around the help come in.
00:13
And we've got nicely organized sections. We have our core commands where you can manipulate, uh,
00:21
processes and controlled the components that are active or start things up. Shut things down.
00:29
We have a lot of commands in Iraq with file systems,
00:33
just like you would expect if you're using a clan show
00:36
commands for allowing to change networking, which are get the networking settings
00:42
and then other system commands like getting environment variables are being able thio
00:47
run commands.
00:49
Okay,
00:50
if you're here for the interface itself,
00:53
like doing key longing and so long
00:56
you could even interact with a webcam on.
00:59
And, uh, there's some privilege escalation commands,
01:03
so we'll take a peek at a few of these things.
01:06
One thing I usually like to do is
01:10
Ron get system.
01:17
All right, so that's it. Ah, one thing right out of the bat that didn't work. Let's see why I'm trying to get you. I d
01:23
All right. So I got lucky and my victim
01:26
executed
01:29
the vine. Terrified. I put on their system as an administrator.
01:34
So getting my u i. D. Shows that I have administrator privileges. That's why this gets system didn't actually country work.
01:42
I can look at a process list,
01:48
and this is important because you may want to migrate
01:52
your shelter. Another process called something else.
01:55
Make it look like another Windows Explorers running, for instance, or service host
02:07
like So I'm gonna do the background.
02:10
Let's do that.
02:13
Uh, this is gonna put the process in the background so that I can interact with the framework again.
02:19
So now you see, I get back to my interpreter. Prompt or not, I'm a tripper prompt. But Thea,
02:23
let's play counsel prompt.
02:30
So from here, I could research various things like additional exploits.
02:36
I've got a show, so now I can try other things,
02:44
although I already have a
02:46
a rude shell that's pretty powerful.
02:47
But as you can see, there are quite a few additional modules. I just searched for, exploit windows local
02:55
and
02:58
got several here that are excellent.
03:00
Quite a few that are great or good.
03:02
So it's a nice variety.
03:08
But now if I want to go back to my interpretive show,
03:13
I can Recessions Sessions Command
03:15
Because I forgot the number and I could see it. Shell number four.
03:21
All right, so now I'm back in interpreter.

Up Next

Metasploit

This Metasploit tutorial will teach you to utilize the deep capabilities of Metasploit for penetration testing and help you to prepare to run vulnerability assessments for organizations of any size.

Instructed By

Instructor Profile Image
Dean Pompilio
CEO of SteppingStone Solutions
Instructor