Shubham Mittal, profile picture
Uploaded byShubham Mittal
PPTX, PDF2,267 views

Post Exploitation Using Meterpreter

The document discusses using Meterpreter for post exploitation activities after gaining access to a target system. Meterpreter provides an advanced multi-function payload that injects itself into running processes to provide core and advanced command functionality through extensions in a more stealthy way than normal payloads. The document outlines how Meterpreter works and can be used for activities like enumeration, privilege escalation, information harvesting, and pivoting across a network during post exploitation.

Technology
Related topics:
Penetration-Testing

Embed presentation

Downloaded 72 times
Post Exploitation Using Meterpreter
• Who am I ? • Meterpreter • Meterpreter..why? Agenda • Meterpreter..how? • Command Classification • Post Exploitation • Conclusion
Shubham Mittal Security Consultant @ Hackplanet Technologies Penetration Tester Areas Of Working AV Evasion Malware Analysis Metasploit SOC
Meterpreter Meterpreter – Advance Multi Function payload. – Provides core complex and advanced features. – Injects itself into running process. – Meterpreter = Meta Interpreter, interprets commands from one machine to another.
Meterpreter Meterpreter .. Why? – Normal Payloads : – Creates a new Process at the target machine. – Don’t work in chroot’d environments. – Limited to commands available on the shell only. – Meterpreter: – Everything goes into memory, No I/O operations to HDD, hence less detectable. – Works in chroot’d environment [works in context of exploited process]. – Different extensions can be loaded on the fly during post exploitation. – Plus Meterpreter Scripting
Meterpreter .. Why? A handler is fired. Remote Machine Enumeration Vulnerability is triggered. Payload delivered, using DLL injection Payload reverts Back, pwning a shell
Command Classification Meterpreter Session Extension- Extension- Extention- Core STDapi Priv Espia Sniffer Incognito Commands Commands Commands Commands Commands Commands
Post Exploitation • Enumeration of Machine • Screenshots, keyloggers, VNC, etc. • Privilege Escalation • Back-dooring • Session Up gradation • Information Harvesting • Pivoting
Pivoting : The Network we will Follow
Conclusion • Ideal stealth vector for process injection. • Can be a nice tool to integrate with future exploits. • Meterpreter scripting will definitely give an aid. • Expectations never ends 
Got queries, suggestions, comments : shubham@hackplanet.in

More Related Content

PPTX
Messing around avs
byShubham Mittal
 
PPTX
Introduction of ShinoBOT (Black Hat USA 2013 Arsenal)
byShota Shinogi
 
PPTX
ShinoBOT Suite
byShota Shinogi
 
PDF
BlueHat v18 || Linear time shellcode detection using state machines and opera...
byBlueHat Security Conference
 
PPTX
DefCamp 2013 - MSF Into The Worm Hole
byDefCamp
 
PDF
IoT mit Rust programmieren
byLars Gregori
 
PDF
Defcon 29 Adversary Village: PurpleSharp - Automated Adversary Simulation
byMauricio Velazco
 
PPTX
Practical Windows Kernel Exploitation
byzeroSteiner
 
Messing around avs
byShubham Mittal
 
Introduction of ShinoBOT (Black Hat USA 2013 Arsenal)
byShota Shinogi
 
ShinoBOT Suite
byShota Shinogi
 
BlueHat v18 || Linear time shellcode detection using state machines and opera...
byBlueHat Security Conference
 
DefCamp 2013 - MSF Into The Worm Hole
byDefCamp
 
IoT mit Rust programmieren
byLars Gregori
 
Defcon 29 Adversary Village: PurpleSharp - Automated Adversary Simulation
byMauricio Velazco
 
Practical Windows Kernel Exploitation
byzeroSteiner
 

What's hot

PPTX
Metasploit For Beginners
byRamnath Shenoy
 
PPT
Python for pentesters
byRashid feroz
 
PDF
Metasploit for Penetration Testing: Beginner Class
byGeorgia Weidman
 
PPTX
Apache Struts2 CVE-2017-5638
byRiyaz Walikar
 
ODP
Stealthy, Hypervisor-based Malware Analysis
byTamas K Lengyel
 
PPTX
Fun With Dr Brown
byzeroSteiner
 
PDF
Is Rust Programming ready for embedded development?
byKnoldus Inc.
 
PPTX
Metasploit for Web Workshop
byDennis Maldonado
 
PPTX
Linx privx privileges-sudo misconfiguration group and docker daemon privileges
byAliBawazeEer
 
ODP
The Nightmare Fuzzing Suite and Blind Code Coverage Fuzzer
byJoxean Koret
 
PPTX
Fuzzing
byKhalegh Salehi
 
PPTX
Basic Malware Analysis
byAlbert Hui
 
PPTX
Hacking with Remote Admin Tools (RAT)
byZoltan Balazs
 
PDF
Metasploit Demo
byn|u - The Open Security Community
 
PDF
OffensiveCon2022: Case Studies of Fuzzing with Xen
byTamas K Lengyel
 
PPT
Automated Penetration Testing With The Metasploit Framework
byTom Eston
 
PDF
Defcon 27 - Writing custom backdoor payloads with C#
byMauricio Velazco
 
PDF
Shusei tomonaga pac_sec_20171026
byPacSecJP
 
PDF
SSMF (Security Scope Metasploit Framework) - Course Syllabus
bySecurity Scope
 
PPTX
Playing with fuzz bunch and danderspritz
byDeepanshu Gajbhiye
 
Metasploit For Beginners
byRamnath Shenoy
 
Python for pentesters
byRashid feroz
 
Metasploit for Penetration Testing: Beginner Class
byGeorgia Weidman
 
Apache Struts2 CVE-2017-5638
byRiyaz Walikar
 
Stealthy, Hypervisor-based Malware Analysis
byTamas K Lengyel
 
Fun With Dr Brown
byzeroSteiner
 
Is Rust Programming ready for embedded development?
byKnoldus Inc.
 
Metasploit for Web Workshop
byDennis Maldonado
 
Linx privx privileges-sudo misconfiguration group and docker daemon privileges
byAliBawazeEer
 
The Nightmare Fuzzing Suite and Blind Code Coverage Fuzzer
byJoxean Koret
 
Fuzzing
byKhalegh Salehi
 
Basic Malware Analysis
byAlbert Hui
 
Hacking with Remote Admin Tools (RAT)
byZoltan Balazs
 
Metasploit Demo
byn|u - The Open Security Community
 
OffensiveCon2022: Case Studies of Fuzzing with Xen
byTamas K Lengyel
 
Automated Penetration Testing With The Metasploit Framework
byTom Eston
 
Defcon 27 - Writing custom backdoor payloads with C#
byMauricio Velazco
 
Shusei tomonaga pac_sec_20171026
byPacSecJP
 
SSMF (Security Scope Metasploit Framework) - Course Syllabus
bySecurity Scope
 
Playing with fuzz bunch and danderspritz
byDeepanshu Gajbhiye
 

Viewers also liked

PPTX
DataSploit - Tool Demo at Null Bangalore - March Meet.
byShubham Mittal
 
PPTX
44CON 2014 - Meterpreter Internals, OJ Reeves
by44CON
 
PDF
Meterpreter in Metasploit User Guide
byKhairi Aiman
 
PDF
Denial Of Service Flooding Detection In Anonymity Networks
byJens Oberender
 
PDF
44CON London 2015 - 15-Minute Linux Incident Response Live Analysis
by44CON
 
DOCX
Ips and-ids
byAdam Viet
 
PPTX
44CON London 2015 - How to drive a malware analyst crazy
by44CON
 
PPTX
Metasploit (Module-1) - Getting Started With Metasploit
byAnurag Srivastava
 
PDF
The complex patient vad ransplant vad exchange or hospice
bydrucsamal
 
PDF
Pen-Testing with Metasploit
byMohammed Danish Amber
 
PPTX
BlueHat 2014 - The Attacker's View of Windows Authentication and Post Exploit...
byBenjamin Delpy
 
PDF
Offensive Security with Metasploit
byegypt
 
PDF
Stealth post-exploitation with phpsploit
byNullbyte Security Conference
 
PDF
Hacking cable modems the later years
byNullbyte Security Conference
 
DataSploit - Tool Demo at Null Bangalore - March Meet.
byShubham Mittal
 
44CON 2014 - Meterpreter Internals, OJ Reeves
by44CON
 
Meterpreter in Metasploit User Guide
byKhairi Aiman
 
Denial Of Service Flooding Detection In Anonymity Networks
byJens Oberender
 
44CON London 2015 - 15-Minute Linux Incident Response Live Analysis
by44CON
 
Ips and-ids
byAdam Viet
 
44CON London 2015 - How to drive a malware analyst crazy
by44CON
 
Metasploit (Module-1) - Getting Started With Metasploit
byAnurag Srivastava
 
The complex patient vad ransplant vad exchange or hospice
bydrucsamal
 
Pen-Testing with Metasploit
byMohammed Danish Amber
 
BlueHat 2014 - The Attacker's View of Windows Authentication and Post Exploit...
byBenjamin Delpy
 
Offensive Security with Metasploit
byegypt
 
Stealth post-exploitation with phpsploit
byNullbyte Security Conference
 
Hacking cable modems the later years
byNullbyte Security Conference
 

Similar to Post Exploitation Using Meterpreter

PPTX
Cyber Security and Ethical hacking 16
byShekh Md Mehedi Hasan
 
DOCX
Backtrack Manual Part8
byNutan Kumar Panda
 
PDF
Cheatsheet: Metasploit
byKasper de Waard
 
PDF
Open Source Cyber Weaponry
byJoshua L. Davis
 
PDF
The Metasploit Framework Companion Guide
byfynboytinny
 
PDF
24 33 -_metasploit
bywozgeass
 
PPTX
Client side exploits
bynickyt8
 
PDF
Metasploit: Pwnage and Ponies
byTrowalts
 
PPTX
Metasploit Railguns presentation @ tcs hyderabad
byChaitanya krishna
 
PDF
Pentest with Metasploit
byM.Syarifudin, ST, OSCP, OSWP
 
PPTX
System Hacking in brief with the help of examples .pptx
byGuna Dhondwad
 
PDF
Meterpreter awareness
byHaydn Johnson
 
PDF
Metasploitation part-1 (murtuja)
byClubHack
 
PPTX
BSides Algiers - Metasploit framework - Oussama Elhamer
byShellmates
 
PPTX
Windows xp compromise and remedies
byBikrant Gautam
 
PPTX
Creating Havoc using Human Interface Device
byPositive Hack Days
 
PPTX
metaploit framework
byLe Quyen
 
PDF
CSCAMP2013 - Introduction to pwnCore
byAnwar Mohamed
 
PPTX
Metasploit - Basic and Android Demo
byArpit Agarwal
 
PPTX
Finalppt metasploit
bydevilback
 
Cyber Security and Ethical hacking 16
byShekh Md Mehedi Hasan
 
Backtrack Manual Part8
byNutan Kumar Panda
 
Cheatsheet: Metasploit
byKasper de Waard
 
Open Source Cyber Weaponry
byJoshua L. Davis
 
The Metasploit Framework Companion Guide
byfynboytinny
 
24 33 -_metasploit
bywozgeass
 
Client side exploits
bynickyt8
 
Metasploit: Pwnage and Ponies
byTrowalts
 
Metasploit Railguns presentation @ tcs hyderabad
byChaitanya krishna
 
Pentest with Metasploit
byM.Syarifudin, ST, OSCP, OSWP
 
System Hacking in brief with the help of examples .pptx
byGuna Dhondwad
 
Meterpreter awareness
byHaydn Johnson
 
Metasploitation part-1 (murtuja)
byClubHack
 
BSides Algiers - Metasploit framework - Oussama Elhamer
byShellmates
 
Windows xp compromise and remedies
byBikrant Gautam
 
Creating Havoc using Human Interface Device
byPositive Hack Days
 
metaploit framework
byLe Quyen
 
CSCAMP2013 - Introduction to pwnCore
byAnwar Mohamed
 
Metasploit - Basic and Android Demo
byArpit Agarwal
 
Finalppt metasploit
bydevilback
 

Recently uploaded

PDF
TPPmark2025 Kenta Inoue's answer 12/04/2025
byKenta Inoue
 
PDF
How Mobile Apps Are Shaping the Future of Digital Innovation
byWilliam Taylor
 
PDF
TrustArc Webinar - Assessing AI Risk with Confidence
byTrustArc
 
PDF
API206-S: Transforming Supply Chains with Amazon Bedrock AgentCore - AWS re:I...
byChris Bingham
 
PDF
Unser Jahresrückblick – MarvelClient in 2025
bypanagenda
 
PDF
AI Technology important knowledge ......
byutkarshj2007
 
PDF
The major tech developments for 2026 by Pluralsight, a research and training ...
byChris Skinner
 
PDF
Igniting the Future: Copilot trends, agentic transformation and product roadm...
byUni Systems S.M.S.A.
 
PDF
The year in review - MarvelClient in 2025
bypanagenda
 
PDF
eResource Scheduler Enterprise Resource Management and Scheduling Software.pdf
byeResource Scheduler
 
PPTX
RISE with SAP for Automotive - S4 HANA Value.pptx
byAmira Jemi
 
PPTX
Basics of Identity Access Management In mordern Infrastructure
byPrinceXavier18
 
PDF
AI and Computer Architecture: 200 Years Together
byDmitry Zinoviev
 
PDF
Recursive Self Improvement vs Continuous Learning
byBob Marcus
 
PPTX
Ritesh_kumar_Aatmanirbhar Bharat: Make in India, Make for the World.pptx
byriteshrkgs2008
 
PPTX
Combining Induction and Transduction for Abstract Reasoning.pptx
byallen578468
 
PDF
Ransomware_Resilience_Strategic_Playbook.pdf
byAfonso Henrique Rodrigues Alves
 
PDF
Knowing and Doing: Knowledge graphs, AI, and work
bymarainglezakis1
 
PDF
Top 7 Manufacturing Software for Small Businesses Boosting Growth in 2025
byEnvertis Software Solutions
 
PDF
Digit Expo 2025 - EICC Edinburgh 27th November
byRay Bugg
 
TPPmark2025 Kenta Inoue's answer 12/04/2025
byKenta Inoue
 
How Mobile Apps Are Shaping the Future of Digital Innovation
byWilliam Taylor
 
TrustArc Webinar - Assessing AI Risk with Confidence
byTrustArc
 
API206-S: Transforming Supply Chains with Amazon Bedrock AgentCore - AWS re:I...
byChris Bingham
 
Unser Jahresrückblick – MarvelClient in 2025
bypanagenda
 
AI Technology important knowledge ......
byutkarshj2007
 
The major tech developments for 2026 by Pluralsight, a research and training ...
byChris Skinner
 
Igniting the Future: Copilot trends, agentic transformation and product roadm...
byUni Systems S.M.S.A.
 
The year in review - MarvelClient in 2025
bypanagenda
 
eResource Scheduler Enterprise Resource Management and Scheduling Software.pdf
byeResource Scheduler
 
RISE with SAP for Automotive - S4 HANA Value.pptx
byAmira Jemi
 
Basics of Identity Access Management In mordern Infrastructure
byPrinceXavier18
 
AI and Computer Architecture: 200 Years Together
byDmitry Zinoviev
 
Recursive Self Improvement vs Continuous Learning
byBob Marcus
 
Ritesh_kumar_Aatmanirbhar Bharat: Make in India, Make for the World.pptx
byriteshrkgs2008
 
Combining Induction and Transduction for Abstract Reasoning.pptx
byallen578468
 
Ransomware_Resilience_Strategic_Playbook.pdf
byAfonso Henrique Rodrigues Alves
 
Knowing and Doing: Knowledge graphs, AI, and work
bymarainglezakis1
 
Top 7 Manufacturing Software for Small Businesses Boosting Growth in 2025
byEnvertis Software Solutions
 
Digit Expo 2025 - EICC Edinburgh 27th November
byRay Bugg
 

Post Exploitation Using Meterpreter

  • 1.
  • 2.
    • Who amI ? • Meterpreter • Meterpreter..why? Agenda • Meterpreter..how? • Command Classification • Post Exploitation • Conclusion
  • 3.
    Shubham Mittal Security Consultant @ Hackplanet Technologies Penetration Tester Areas Of Working AV Evasion Malware Analysis Metasploit SOC
  • 4.
    Meterpreter Meterpreter – Advance Multi Function payload. – Provides core complex and advanced features. – Injects itself into running process. – Meterpreter = Meta Interpreter, interprets commands from one machine to another.
  • 5.
    Meterpreter Meterpreter .. Why? – Normal Payloads : – Creates a new Process at the target machine. – Don’t work in chroot’d environments. – Limited to commands available on the shell only. – Meterpreter: – Everything goes into memory, No I/O operations to HDD, hence less detectable. – Works in chroot’d environment [works in context of exploited process]. – Different extensions can be loaded on the fly during post exploitation. – Plus Meterpreter Scripting
  • 6.
    Meterpreter .. Why? A handler is fired. Remote Machine Enumeration Vulnerability is triggered. Payload delivered, using DLL injection Payload reverts Back, pwning a shell
  • 7.
    Command Classification Meterpreter Session Extension- Extension- Extention- Core STDapi Priv Espia Sniffer Incognito Commands Commands Commands Commands Commands Commands
  • 8.
    Post Exploitation • Enumeration of Machine • Screenshots, keyloggers, VNC, etc. • Privilege Escalation • Back-dooring • Session Up gradation • Information Harvesting • Pivoting
  • 9.
    Pivoting : TheNetwork we will Follow
  • 10.
    Conclusion • Ideal stealthvector for process injection. • Can be a nice tool to integrate with future exploits. • Meterpreter scripting will definitely give an aid. • Expectations never ends 
  • 11.
    Got queries, suggestions,comments : shubham@hackplanet.in