To extract password hashes from a victim, some hackers will use Metasploit. With Metasploit, a hacker can create a reverse_tcp payload and use it to establish a meterpreter session on the victim's device. Once a meterpreter session is created, the hacker can dump the contents of the SAM by typing the command hashdump. Before hashdump can be executed successfully, the attacker must type getsystem and getprivs to escalate their level of access on the victim's device. The following lab demonstrates how this is done. Screenshots are provided to help you follow along.
Step one involves creating a payload to send to the victim. For this lab, we will use msfvenom to create a meterpreter reverse_tcp ...