{"id":4696,"date":"2012-07-15T00:20:39","date_gmt":"2012-07-15T03:20:39","guid":{"rendered":"http:\/\/www.ethicalhacker.com.br\/site\/?p=4696"},"modified":"2019-07-18T12:57:18","modified_gmt":"2019-07-18T15:57:18","slug":"keylogging-metasploit","status":"publish","type":"post","link":"https:\/\/www.ethicalhacker.com.br\/site\/2012\/07\/exploits\/keylogging-metasploit\/","title":{"rendered":"Keylogging Metasploit"},"content":{"rendered":"<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n<p style=\"text-align: justify;\">In this short tutorial, I will show how to use the keylogging technique after compromising a host.<\/p>\n<p style=\"text-align: justify;\">To gain access, I will use a machine running <a class=\"inlineAdmedialink\" href=\"#\">Windows<\/a> XP SP3, exploiting the SMB service with ms08_067_netapi.<\/p>\n<p>1) Compromising the target:<\/p>\n<p><a href=\"http:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/exploit_netapi.png\" class=\"gallery_colorbox\"><img loading=\"lazy\" decoding=\"async\" class=\"alignleft size-medium wp-image-4697\" title=\"exploit_netapi\" src=\"http:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/exploit_netapi-300x192.png\"  alt=\"\" width=\"300\" height=\"192\" srcset=\"https:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/exploit_netapi-300x192.png 300w, https:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/exploit_netapi.png 774w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/a><\/p>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n<p>2) Analyzing the processes (ps):<\/p>\n<p><a href=\"http:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/ps.png\" class=\"gallery_colorbox\"><img loading=\"lazy\" decoding=\"async\" class=\"alignleft size-medium wp-image-4698\" title=\"ps\" 
src=\"http:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/ps-300x45.png\"  alt=\"\" width=\"300\" height=\"45\" srcset=\"https:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/ps-300x45.png 300w, https:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/ps.png 779w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/a><\/p>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n<p>3) Migrating to the explorer.exe process:<\/p>\n<p><a href=\"http:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/migrate.png\" class=\"gallery_colorbox\"><img loading=\"lazy\" decoding=\"async\" class=\"alignleft size-medium wp-image-4699\" title=\"migrate\" src=\"http:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/migrate-300x65.png\"  alt=\"\" width=\"300\" height=\"65\" srcset=\"https:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/migrate-300x65.png 300w, https:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/migrate.png 778w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/a><\/p>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n<p>4) Starting the keylogging:<\/p>\n<p><a href=\"http:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/key.png\" class=\"gallery_colorbox\"><img loading=\"lazy\" decoding=\"async\" class=\"alignleft size-medium wp-image-4700\" title=\"key\" src=\"http:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/key-300x22.png\"  alt=\"\" width=\"300\" height=\"22\" srcset=\"https:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/key-300x22.png 300w, https:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/key.png 779w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/a><\/p>\n<p>&nbsp;<\/p>\n<p>5) Starting the dump and capturing the data:<\/p>\n<p><a href=\"http:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/captura.png\" class=\"gallery_colorbox\"><img loading=\"lazy\" decoding=\"async\" class=\"alignleft size-medium wp-image-4701\" title=\"captura\" 
src=\"http:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/captura-300x31.png\"  alt=\"\" width=\"300\" height=\"31\" srcset=\"https:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/captura-300x31.png 300w, https:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/captura.png 777w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/a><\/p>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n<p><a href=\"http:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/tuxme.png\" class=\"gallery_colorbox\"><img loading=\"lazy\" decoding=\"async\" class=\"alignleft size-full wp-image-3476\" title=\"tuxme\" src=\"http:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/tuxme.png\"  alt=\"\" width=\"108\" height=\"92\" \/><\/a><\/p>\n<p>&nbsp;<\/p>\n<p>Countermeasures: update the operating system.<\/p>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n<p>That's it &#8230; until next time!!!<\/p>\n<p>&nbsp;<\/p>\n\r\n\t\t<div class='author-shortcodes'>\r\n\t\t\t<div class='author-inner'>\r\n\t\t\t\t<div class='author-image'>\r\n\t\t\t<img src='https:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/186048_100001838322519_1550894_n-11668_57x57.jpg' alt='' \/>\r\n\t\t\t<div class='author-overlay'><\/div>\r\n\t\t<\/div> <!-- .author-image --> \r\n\t\t<div class='author-info'>\r\n\t\t\t<p>Author:\u00a0<strong>S\u00edlvio C\u00e9sar Roxo Giavaroto<\/strong><\/p>\n<p>He holds an <a class=\"inlineAdmedialink\" href=\"#\">MBA<\/a> with a specialization in Information Security Management,\nis a Computer Networks Technologist and C|EH Certified Ethical Hacker,\nworks as a pentester and Security Analyst for Linux Servers in the\nS\u00e3o Paulo State Government, and is a University Professor and\nC|EH and C|HFI Instructor.<\/p>\n<p><em>\u00a0<\/em>\r\n\t\t<\/div> <!-- .author-info --><\/p>\r\n\t\t\t<\/div> <!-- .author-inner -->\r\n\t\t<\/div> <!-- .author-shortcodes -->\n","protected":false},"excerpt":{"rendered":"<p>&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; 
In this short tutorial, I will show how to use the keylogging technique after compromising a host. To gain access, I will use a machine running Windows XP SP3, exploiting the SMB service with ms08_067_netapi. 1) Compromising the target: &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; 2) Analyzing the processes (ps): &nbsp; &nbsp; 3) [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":4083,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[21],"tags":[],"class_list":["post-4696","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-exploits"],"_links":{"self":[{"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/posts\/4696","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/comments?post=4696"}],"version-history":[{"count":11,"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/posts\/4696\/revisions"}],"predecessor-version":[{"id":10613,"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/posts\/4696\/revisions\/10613"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/media\/4083"}],"wp:attachment":[{"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/media?parent=4696"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/categories?post=4696"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-j
son\/wp\/v2\/tags?post=4696"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}