In this section, we will automate capturing a screenshot from the target machine and retrieve it over HTTP reverse shell. Getting a screenshot from the target Desktop
can be useful to see what programs and activities are going on on the target side. In Metasploit Meterpreter, there is a function called screengrab()
, which will take a snapshot from the target machine and transfer it back to the attacker machine. So here, we will do something similar in our existing HTTP shell. For this purpose, we will be using a library called Pillow
at the target. This is a high-level image library in Python. The installation is quite simple. You just need to run pip install Pillow
via cmd
.
Before doing that, just make sure that you have internet access. Once we install this library, I will go toDevices|Network|Network Settings...
in VirtualBox, and change the network mode back to Internal Network
as we did in the previous chapter. We will also give our target the...