We have already covered a few of the post-exploitation modules in the previous chapters. However, here we will focus on the features that we did not cover. Throughout the last chapter, we focused on exploiting the systems, but now we will focus only on the systems that are already exploited. So, let us now move into the advanced section for post-exploitation.
In this section, we will use the information gathered from basic commands to achieve further success and access levels in the target's system.
As we saw in the previous section, our meterpreter session was loaded from a temporary file. However, if a user of a target system finds the process unusual, he can kill the process, which will kick us out of the system. Therefore, it is a good practice to migrate to safer processes, such as explorer.exe
or svchost.exe
, which evades the eyes of the victim by using the migrate
command...