Now Open Kali Linux terminal type msfconsole
Once you got the meterpreter session
1)
arp_scanner
The "arp_scanner"
post module will perform an ARP scan for
a given range through a compromised
host.
2)
checkvm
The "checkvm"
post module, simply enough, checks to see if the compromised host is a virtual
machine. This module supports Hyper-V, VMWare, VirtualBox, Xen, and QEMU
virtual machines.
3)
credential_collector
The "credential_collector"
module harvests passwords hashes and tokens on the compromised host.
4)
dumplinks
The "dumplinks"
module parses the .lnk files in a users Recent Documents which could be useful
for further information gathering. Note that, as shown below, we first need to
migrate into a user process prior to running the module.
5)
enum_applications
The "enum_applications"
module enumerates the applications that are installed on the compromised host.
6)
enum_logged_on_users
The "enum_logged_on_users"
post module returns a listing of current and recently logged on users along
with their SIDs.
7)
enum_shares
The "enum_shares"
post module returns a listing of both configured and recently used shares on
the compromised system.
8)
enum_snmp
The "enum_snmp"
module will enumerate the SNMP service configuration on the target, if present,
including the community strings.
9)
hashdump
The "hashdump"
post module will dump the local users accounts on the compromised host using
the registry.
10) usb_history
The "usb_history"
module enumerates the USB drive history on the compromised system.
11) delete_user
The "delete_user"
post module deletes a specified user account from the compromised system.
No comments:
Post a Comment