Lesson 102 : Activating Payloads Video Lecture | Ethical Hacking using Kali Linux (in English) - Software Development

so I'll just go ahead and execute my
payload over here and I'll just go down
start it I should be getting a session
open over here something like that okay
perfect so session one is open so just
go down type sessions - L it will give
me the sessions that are open and I'll
just wouldn't type one so I have the
meterpreter prompt open so if I want to
go ahead and let's say I'll just type
use - M or C ESS let me check okay so I
need to go ahead and update the process
module for that I can just go and type
PS and it will show me the process and
the reason why I am NOT able to go to
install the process model over here the
reason for that would because I already
have a process model installed it will
only go and duplicate the effect I'll
then just one type help and I can see
the all of these exact things which are
already here so you don't actually need
to go ahead and create any kind of
process this wouldn't show you exactly
ease the process come on it is ps5 this
running processes or terminate a killing
a running process so this is how it
works like so after the extension has
been loaded a new commands can be easily
added to this feature to this set of
features so I'll just show you some more
thing that I'll just go and show you how
Reed works like it reads data from any
specific supply channel and as you can
see it give me a channel ID to go ahead
and read so I can go and read anything
so what it does is that it actually
reads a cuff from a communication
channel if I'm trying to communicate
with someone if you go and read all the
data it's encrypted or an unencrypted it
doesn't matter it will straight away go
ahead and read that if I want to write
something or poison something in that
communicating a communication channel I
can go and type write and I can go ahead
and write anything and I want so I can
just go and write it on a communication
channel or write the contents of a file
on a disk or anything like that after
that we have close that close a
communication channel so I can just go
and type close it will close the supply
channels toilet that I had to provide it
with the channel ID
after that we have the health so as I
have already shown you what help does
that it will display all the strut
commands if I won't type exit it will go
and disconnect me from the meterpreter
session and we have finally we have
subsystem so a subsystem extensions are
feature extension commands so I'll spin
that to you later on not at this point
of time then we have load library I can
just go into as load and I be a
capability that this come on was that
removed but previously abused to go
ahead and load a library on the remote
endpoint then it uses a feature
extension model that's process
manipulation and execution of command if
I go ahead and type execute it will ask
me what it wants to execute I can go to
execute a process or dummy executable
and or anything but it will be on the
remote machine endpoint if I go and use
the kills option this will go and kill
one or more processes on the remote
endpoint PS will list all the processes
and I can also go ahead and use any
specific file name let's say for example
if I wanted to execute any file on the
remote machine I can tap execute
- F and anything it would be the file
name over here let's say example test I
don't have anything on the remote
machine in my windows but if I had it
was said well go ahead and execute that
let's see if I would go to execute the
command prompt okay you must specify an
executable with an F but it will not
burn and able to execute it because I
have nothing named okay it was created
great so let me go and check the it's
two six four eight so let me check the
process he fits created okay perfect so
I have the two six four eight process
created I'll just go and kill it two six
four eight it can all this good and
check okay two six four eight was killed
perfect so this is how it looks like
exactly and as you can see I have the
payload over here I'm running and
execute running perfectly I'll just go
to migrate it to the Explorer so that no
one will be able to see me so let's see
if I'm perfect now this is good and see
I should get something like AI as you
can see I can the person who has this
capable not be able to see whether
I was there on their PC because you will
not be able to see the payload file so
similarly I can also go ahead and supply
the H argument - H argument or D - a - H
for creating hidden processes - a for
would be the arguments to pass to the
executable using the execute command - C
to channelize the input and output and I
can kill multiple things at one point of
time so just let say for example if I
wanted to kill the let me check if
something is not necessary so everything
is necessary I believe over here so this
is good and open let's say a media
player and I want to kill the process
let's say I also got an open Chrome so
just go over here so let's say I wanted
to go ahead and kill these processes so
multiple processor at one point of time
so as you can see I have D chrome over
here with 3 5 0 4 + WM player with two
nine three two second is Gordon type Q 3
5 0 4 + 2 9 3 2 it will go ahead and
kill all the processes and if I were to
check PS as you can see 3 9 3 2 was
clear deleted and but let me check just
3 9 3 2 2 9 3 2 + 3 5 0 4 so 3 5 0 4 was
killed so but chrome ones is still
running so I'll just go ahead and delete
that as well that is good and copy it
and I'll go ahead and kill that as well
3 2 9 6 not valid okay let me check okay
bad command ok we have chrome up and
running but the media player has stopped
so let me check - 9 - 6 9 say service
check ok Emily the chrome should have
stopped by now it's still running
I'll give you have another process
chromates up a lot of RAM
let's see okay perfect it's disabled now
so this how we can go ahead and kill
multiple processes as well if you want
to execute any command then you can go
down type exe C UT that's execute - F
CMD - C and we'll go and execute that
specific command
Mitch ie as you can see I have the
command over here prompt if I had
written something over here then it
would go and straightaway run that
prompt perfect so execute here it does
actually go through and runs any kind of
process if I wanted I want to I can also
go down switch to interactive console so
I can just go ahead and type interact
one it will go to interact with channel
one and similarly I can do multiple
things like that and the person over
here will not even be able to understand
exactly what is trying to what is
actually happening so then we have eco
meterpreter interactive channel in the
action which I could go actually go
ahead and execute through the command
and finally I can go ahead and you can
go ahead and check all the helps options
over here which will help you understand
the importance as to what exactly all
things we're what we can do and if the
person is was running on proxy what are
the proxy configuration and multiple
things so that's it for this tutorial
and before in this thing I just had to
tell you that again go ahead and type
ctrl C to go ahead and get back to where
you were exactly and I'll just close
this over here so a few things before I
close this tutorial is that a number of
other extension exists that provide
potentially useful commands the entire
extension system is easier to modify and
customize thus allowing for more
advanced extensions to builder in the
future and the extensions that would be
included would be FS that would provide
interaction with the file system on the
damad machine next one is net that
provides interaction with the network
stack on the remote machine process that
provides interaction with processes on
remote machine and finally we have sis
sys the towards interaction with the
environment on the remote machine so yes
that's all with
that's only with how as far as we can go
with the meter pretty prompt so that's
it for this tutorial guys in the next
tutorial I will be starting with Mitch's
plot and how exactly MIT exploits are
different on the meterpreter and how
flexible they are