- Hands-On Web Penetration Testing with Metasploit
- Harpreet Singh, Himanshu Sharma
- 423 words
- 2021-06-24 16:19:06
Session interaction
After successful exploitation, a session will be opened and you'll get a notification on the Project tab bar:
- To view the opened session, you need to click the Sessions tab in the Project tab bar:
- To interact with any open session, just click on the Session [ID], as shown in the preceding screenshot. The features that are supported by the MSF web interface for session interaction can be seen in the following screenshot:
The following are the options you can use for session interaction:
- Collect System Data: This option will let you collect system evidence and sensitive data such as passwords, system information, screenshots, and so on. This feature is only available in the Metasploit Pro version.
- Virtual Desktop: This option will inject a Virtual Network Computing (VNC) DLL and start a VNC service on the given port:
You can interact with the desktop running on the target system via this port:
Note: The user will be notified of incoming VNC connections.
- Access Filesystem: Using this option, you can browse the filesystem. You can even upload, download, and delete files:
- Search Filesystem: If you want to search for specific files or perform a wildcard search, you can use this option:
- Command Shell: If you want to access the Meterpreter command shell, you can click on this button to open the command shell:
You can execute the commands in the given input box. The result will be displayed like so:
This window only supports Meterpreter commands. System commands can be run using the shell command:
- Create Proxy Pivot: Creating a proxy pivot is the same as adding routes for pivoting:
You can use this option if you want to connect to the internal network for further exploitation:
- Create VPN Pivot: This option will let you create an encrypted layer-2 tunnel in the compromised machine and then route any network traffic through that target machine. This grants you full network access as if you were on the local network, without a perimeter firewall to block your traffic.
- Change Transport: To change the transport mechanism of the session, you can use this option, as shown in the following screenshot:
First, you need to start a handler for the specific transport; otherwise, the process will fail.
- Terminate Session: Once you use this option, the session will be terminated. To interact with the session, you will have to begin the exploitation process again.
Next, let's look at the post-exploitation modules that are available in the web interface.