How To Use A Keylogger Inside Metasploit Using Meterpreter?
Well, I have made lots of posts on keylogging indeed I have dedicated a whole book to this topic "An Introduction To keyloggers, RATS And Malware" which is available as a free download, Now If you are a regular reader of this blog the chances are very less that you might not know about keyloggers as I have written about it over and over agai. However in this post I will guide you simple ways to use a keylogger inside Meteasploit once you have opened up a meterpreter session with victims computer. For those of you who don't know what metasploit is kindly refer the post "Metasploit For Beginners Explained"
What is a Meterpreter?
Basically a meterpeter is a simple type of interface which helps us in compltety automating the exploitation process. If you would like to learn furthur about meterpreter kindly do a google search.
In this case I am using metasploit framework from backtrack 5, Backtrack 5 is an awesome linux distro which is specially dedicated to hackers and penetration testers, I have used Social Engineering Toolkit to utilize a browser autopwn in order to open up a meterpreter session on the victims computer.
Step 1 - Before we start the keylogger and start capturing logs, we would need to migrate explorer.exe process as we don't want the our exploit to get closed, In order to migrate the process we would need the PID of the process, In order to get the PID type "PS" on the command line.
Step 2 - Once you know the exact process PID type "Migrate" command along with with the PID so incase if the PID is 1372, you will type "Migrate 1372"
Step 3 - Now just type "Keyscan_start" to start the keylogger.
Step 4 - Now just sit back and relax, In order to harvest keystores all you need to do is type the "Keyscan_dump" command.
I have you have liked this post and learned some thing new today, If you would like to re-publish this article on your website/blog make sure that you give a proper credit.
What is a Meterpreter?
Basically a meterpeter is a simple type of interface which helps us in compltety automating the exploitation process. If you would like to learn furthur about meterpreter kindly do a google search.
Requirements
- Metasploit Framework
- BackTrack 5
- A Meterpreter session opened on a box
In this case I am using metasploit framework from backtrack 5, Backtrack 5 is an awesome linux distro which is specially dedicated to hackers and penetration testers, I have used Social Engineering Toolkit to utilize a browser autopwn in order to open up a meterpreter session on the victims computer.
Step 1 - Before we start the keylogger and start capturing logs, we would need to migrate explorer.exe process as we don't want the our exploit to get closed, In order to migrate the process we would need the PID of the process, In order to get the PID type "PS" on the command line.
Step 2 - Once you know the exact process PID type "Migrate" command along with with the PID so incase if the PID is 1372, you will type "Migrate 1372"
Step 3 - Now just type "Keyscan_start" to start the keylogger.
Step 4 - Now just sit back and relax, In order to harvest keystores all you need to do is type the "Keyscan_dump" command.
I have you have liked this post and learned some thing new today, If you would like to re-publish this article on your website/blog make sure that you give a proper credit.