Remote Shell Extracting Data

In this lab, you will execute a social engineering attack in which a vulnerable PuTTY program with embedded remote shell malware is sent to the victim as an attachment. The victim installs the package and runs the vulnerable program, which launches the remote shell malware. The attacker uses Kali/Metasploit to execute the meterpreter shell and exploit data.

Outcomes

In this lab, you will learn to: 

  1. Insert a meterpreter payload into a program 
  2. Execute a social engineering attack using a vulnerable email attachment 
  3. Execute a meterpreter remote shell to exploit data 

Overview

The development of this document is funded by the Boston Area Advanced Technological Education Connections (BATEC) Grant No. NSF-0703097 through Bunker Hill Community College.

One of the ultimate goals of a remote shell is to extract data. This lab will demonstrate how to use a Metasploit module (Msfvenom) to inject code into a regular program (PuTTY). It will also demonstrate how the program with the injected payload can be used to extract data from the desktop of Alice, the administrator.

Extracting Data

Key terms and descriptions

meterpreter
Meterpreter is a Metasploit attack payload that provides an interactive shell from which an attacker can explore the target machine and execute code.
malware
Malware, also known as malicious software, is a piece of software that does harm to a computer.
remote shell
The remote shell is a command line computer program that can execute shell commands as another user, and on another computer across a computer network.
phishing
Phishing is a form of social engineering that uses electronic communications to impersonate a trustworthy entity in an attempt to scam users.