Posts

Showing posts with the label Post Exploitation

Methods to Maintain access

In the previous section, we saw that when the target user restarted the computer, we would lose our connection. Because we used a normal backdoor, restarting the computer terminated the backdoor process, and we lost our connection. In this section, we are going to discuss the methods that will allow us to maintain our access to the target computer. We are going to use the normal HTTP reverse Meterpreter undetectable backdoor that we created previously. We are going to inject it as a service so that it will run every time the target user starts their computer, and it will try to connect back to us at certain intervals. To do this, we will run the background command and interact with the session on number 2. We are going to run a module using the command use exploit/windows/local/persistence. It is like a multi-handler module that comes with Metasploit. After this command, we will ru...

Filesystem commands

Now, we will look at some more commands that will allow us to upload, download, list, read, navigate, and execute files on the target machine. We have a running Meterpreter session, and the first thing that we are going to do is run the pwd command to get our current working directory. This command shows that we are in the C:\Users location. Now, we will run the ls command to list all of the files and directories, as shown in the following screenshot: Let's suppose that we want to navigate to the IEUser folder. To do this, we will run the cd IEUser command. If we run pwd, we can see that we are in the C:\Users\IEUser directory. Then we will go to the Downloads directory and run the ls command to list the files, as shown in the following screenshot: In the above screenshot, we can see the passwords.txt file, which seems like an interesting file. If we want to read this file, we ...

Basic of Meterpreter

In this section, we are going to learn how to interact with Metasploit's Meterpreter. In Linux, the help command is used to get information about a specific command. So, the first thing that we are going to do is run the help command to get a big list of all the commands that we can run. It also gives us a description of what each command does, as shown in the following screenshot: The first thing that we are going to highlight is the background command, as shown in the following screenshot: The background command is basically used to background the current session without terminating it. This command is very similar to minimizing a window. So, after running the background command, we can go back to Metasploit and run other commands to further exploit the target machine, maintaining our connection to the computer that we just hacked. We will use the sessions -l command, to see a...

Post exploitation Introduction

Now we have learned how to gain access to our target machine. In this section, we are going to learn a number of things that can be done after we have gained access to a computer. We will look at what we do with the target computer regardless of how we gain access to it. In the previous section, when we got a reverse Meterpreter session from our target, we always stopped. But in this section, we are going to start with a Meterpreter session. We will learn what we can do after gaining access. We will be discussing how to maintain access to a target computer even if the target restarts the computer or the user uninstalls the vulnerable programs. We will look at how to download files, read files, upload files, open the webcam, start the keylogger to register keystrokes, and so on. We will also look at how to use a target computer as a pivot to exploit all computers on the same network. In this section, all the things that we are going to do will focus...