00:03
>> Let's poke around the Meterpreter
00:03
[inaudible] a little bit.
00:03
See what things we can do here,
00:03
around the help command.
00:03
We've got nicely organized sections.
00:03
We have our core commands where you can manipulate
00:03
processes and control the components
00:03
that are active or start things up, shut things down.
00:03
We have a lot of commands to interact with file systems.
00:03
Just like you would expect,
00:03
if you're using a command shell,
00:03
commands from a light to change networking or,
00:03
get the networking settings.
00:03
Then other system commands
00:03
like getting environment variables or
00:03
being able to run commands.
00:03
If you're here for the interface itself,
00:03
like doing keylogging and so on.
00:03
You can even interact with a webcam.
00:03
There's some privilege escalation commands.
00:03
We'll take a peek at a few of these things.
00:03
One thing I usually like to do is run getsystem.
00:03
That's one thing right off the bat that didn't work.
00:03
Let's see why. We try and do getuid.
00:03
I got lucky and my victim executed
00:03
put on their system as an administrator.
00:03
Getting my UID shows that I have
00:03
administrator privileges that's why this
00:03
getsystem didn't actually work.
00:03
I can look at a process list.
00:03
This is important because you may want to
00:03
migrate your shell to
00:03
another process called something else.
00:03
Like make it look like another Windows Explorer is
00:03
running for instance, or a service host.
00:03
If I'm going to do the background, let's do that.
00:03
This is going to put the process in the background so
00:03
that I can interact with the framework again.
00:03
Now, you see I get back for this my console prompt.
00:03
From here I could research
00:03
various things like additional exploits,
00:03
I've got to show, so now I can try other things.
00:03
Although I already have a
00:03
root shell that's pretty powerful.
00:03
There are quite a few additional modules.
00:03
I just searched for exploit windows local,
00:03
and got several here that are excellent,
00:03
quite a few that are great or good,
00:03
so it's a nice variety.
00:03
But now if I want to go back to my Meterpreter shell,
00:03
I can run the sessions command.
00:03
In case I forgot the number,
00:03
I can see it's Shell Number 4.
00:03
Now, I'm back in Meterpreter.