O'Reilly logo

Metasploit by Mati Aharoni, Devon Kearns, Jim O'Gorman, David Kennedy

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Post Exploitation

At this point, we should have a Meterpreter console running in the background within msfconsole, so we can begin to scan the target’s subnet for other live systems. To do this, we’ll upload nmap to the target and run it from the Windows machine.

First, download nmap from insecure.org in an executable format and save it locally. We’ll be uploading this to our target. Next, we’ll connect to the target via Microsoft’s Remote Desktop Protocol (RDP), a built-in graphical remote administration protocol that lets you interact with the Windows Desktop as if you were sitting in front of the remote machine. After we’re connected with our Meterpreter session, we’ll use the getgui Meterpreter script to tunnel RDP back out to us over port ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required