In this recipe, we will explore how to collect data from a victim by using Metasploit. There are several ways to accomplish this task, but we will explore recording a user's keystrokes on the compromised machine. Collecting a victim's data allows us to potentially gain additional information that we can use for further exploits. For our example, we will collect keystrokes entered by a user on a compromised host.
To execute this recipe we will need the following:
A connection to the Internet or intranet
A compromised machine using the Metasploit framework is also required
Let's begin the process of collecting data from a victim from a Meterpreter shell. You will have to use Metasploit to attack a host in order to gain a Meterpreter shell. You can use one of the recipes in Chapter 6, Exploiting Vulnerabilities, to gain access to a host using Metasploit.