Metasploit, stealing data, get saved password and sniffing password

My friend asked me: what will you do after exploit. So i answered: privilege escalation, or stealing data. I have some advices for : Phases of Post-exploitation
1. Understanding the Victim better
2. Privilege Escalation
3. Deleting Log and Kill Monitoring software
4. Collecting Data, excuting Programs
    Search for a file
    Download files
    Download resgistry
    Download application data
        Browser password/sessions
5. Backdoors and Rootkits
6. Using victim as Pirvot to hack deeper into the network 

I maded one video demo it: Using metasploit to stealing data and get firefox saved password:

Next, in windows XP ( not vista). Service and first user in windows station WinSta0 session 0 . And second user is session 1
1 session, includes WinSta0, of course, and every WinSta0 includes 4 desktops:
Each desktop has it own keyboard buffer, so we can sniffing logon password. So i maded one video: Using Metasploit sniff password, includes keyloger and logon password

HD quality :)).
Exe file:
Sniff password and keylogger:
Steal data and get saved password:
Thanks for reading
All my Lab:
Linux Lab -- window and Cisco Lab
to be continued - I will update more.


Popular posts from this blog

Python - Multithread to read one file

An toàn thông tin ứng dụng Web

OpenCA tutorial