Metasploit Megaprimer Part 12 (Post Exploitation Backdoors And Rootkits)
Description:
This is Part 12 of the Metasploit Megaprimer series.
Please begin this series by starting by watching Part 1 of the Metasploit Megaprimer series, if you have not already done so.In this video, we will learn how to use the 2 backdoors which ship with Metasploit - Persistence and Metsvc. We will go deep into their working and what they leave behind (which you should delete) when uninstalled. Also, some basic talk on 3rd part backdoors and rootkits is also there.
Would request you all to leave your feedback in the comments section below the video!
In the next video, we will learn how to break into a victim and use it as a pivot to break further into the network. Also, we will look at port forwarding and how to access an internal web application using this technique.
Please watch this video in FULL SCREEN mode.
Tags: tools ,
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.
Comments:
Good stuff as usual!
Thanks! Let me know if you have any feedback on additions which can be done to this video series.
Hi...Maybe you can help..
I keep getting VBS permission denied error on my persistence backdoors?
any ideas?
it runs once and then the errors
Great video thanks.
Hi Vivek
Wonderful job you are doing bro, got me to create similar pentesting labs. Looking forward to SBH scenario based hacking to proceed.
In this video i was hoping to see you reboot the target machine and use persistence to get another connection. I tried this myself but however most of us have dynamic ip address which changes after every reboot. For instance, if the ip address was; 192.168.2.10 on reboot it would be 192.168.2.11, how do we set a backdoor by using the 2 methods mentioned in the video?
cheers
Excellent job.
I would also like to see a shredder feature (DoD 5220.22-M) that could be implemented with the multi-console-command or perhaps a script is generated on the backtrack side with a simple click and kill functionality. That way you could just double click or run a script it would go to the victim, delete and shred the files, delete the PID, and kill the session. Put them in individual folders by IP addresses. That way you don't have to remember the files or their locations.
Awesome again, thanks!
Another great megaprimer! Thanks for sharing all of this! o/
Another Great video and very important feature of the post exploitation, 1 problem that i didn't understand that in "metsvc" after we've started the script of backdoor on victim box, then how to connect to it later, it is not demonstrated i think.. anyone has the solution please email me at imabdullahdanish@yahoo.com
Regards!
Danish..
Thanks for the effort Vivek !!
Thanks for all the comments guys! We have launched a SecurityTube Metasploit Framework Expert Certification today:
http://www.securitytube.net/smfe
The first 25 signups will receive discounted seats! Please hurry :)
Thanks a lot, i had been searching for months , and now i have got a great place to learn metasploit.
How will the backdoor/persistence work if atacker has a dynamic ip?
Para conhecer o metasploit mais a fundo visite o fórum Amantes do Metasploit, lá você vai encontrar muito material em português
http://www.amantesdometasploit.com.br
Nice job boss