Well, I have made lots of posts on indeed I have dedicated a to this topic "An Introduction To keyloggers, RATS And Malware" which is available as a , Now If you are a regular reader of this the are very less that you might not as I have written about it over and over agai. However in this post I will guide you simple ways to use a inside Meteasploit once you have opened up a meterpreter session with victims computer. of you who don't know what metasploit is kindly refer the post "Metasploit For Beginners Explained"
What is a Meterpreter?
Basically a meterpeter is a simple type of interface us in compltety automating the exploitation process. If you would like to learn furthur about meterpreter kindly do a google search.
- Metasploit Framework
- BackTrack 5
- A Meterpreter session opened on a box
In this case I am using metasploit from backtrack 5, Backtrack 5 is an awesome linux distro which is specially dedicated to hackers and penetration testers, I have used Social Engineering to utilize a browser autopwn in order to open up a meterpreter session on the victims computer.
Step 1 - Before we start the keylogger and start capturing logs, we would need to migrate explorer.exe process as we don't want the our exploit to get closed, In order to migrate the process we would need the PID of the process, In order to get the PID type "PS" on the command line.
Step 2 - Once you know the exact process PID type "Migrate" command along with with the PID so incase if the PID is 1372, you will type "Migrate 1372"
Step 3 - Now just type "Keyscan_start" to start the keylogger.
Step 4 - Now just sit back and relax, In order to harvest keystores all you need to do is type the "Keyscan_dump" command.