Hey guys, I'm new to the pentesting/white hat hacking world.
I searched all over the web but I can't find any answer.
Here is my problem:
I have a meterpreter shell on a remote Windows box (not on my LAN). I'm wondering if it's possible to use some auxiliary modules like portscan and netbios scan to scan the LAN of the 'compromised host'? (I was assuming this because there is no portscanner in the post modules.) The only scanner I found is a metasploit script, arp-scanner.
Should I be physically on the network, or can I do this with a route command?
I hope my question is clear.
English is not my primary language, so don't be too rude.
Thanks!
7 Responses
Don't worry about your English; many of the users here do not speak English as a first language!
As for your question: depending on your permissions on the compromised box, you could upload the nmap.exe file, drop down into a shell, run it and dump its output into a txt, then download that txt to your attack machine and delete nmap to erase your tracks.
Thanks for your quick answer. I've got one more. I presume it's not possible, but (with the route command) might I be able to fire up some exploit on another machine?
Correct me if I'm wrong, but I believe you can pivot off of that compromised computer and do recon and exploitation from there, get another meterpreter session, and so on. Anyway, here's a link that will explain everything: https://www.offensive-security.com/metasploit-unleashed/pivoting/ . Good luck
-WireWise
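The defender's side of what WireWise describes, as an added example that is not from this thread or from Metasploit: a scan pivoted through a compromised box shows up in the LAN's connection logs as one internal host fanning out to many distinct host:port pairs in a short window. This Python script builds constructed connection-log lines (the log format, addresses and thresholds are assumptions) and flags such a source.

```python
"""Fan-out detector for LAN scans pivoted through a compromised host.

Added example, not code from the thread. Log format, addresses and the
window/threshold values are assumptions chosen for illustration.
"""
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed events: (second, src_ip, dst_ip, dst_port).
SAMPLE_EVENTS = [
    # pivoted scan: 10.0.0.25 sweeps 445/139/135 on four neighbours in 12 s
    (s, "10.0.0.25", f"10.0.0.{10 + s % 4}", [445, 139, 135][s // 4])
    for s in range(12)
] + [  # ordinary file-server / RDP traffic from another host
    (5, "10.0.0.40", "10.0.0.10", 445), (20, "10.0.0.40", "10.0.0.10", 445),
    (40, "10.0.0.40", "10.0.0.12", 3389),
]
# Rendered as "<ISO timestamp> <src_ip> <dst_ip> <dst_port>" log lines.
SAMPLE_LOG = "\n".join(f"2024-03-01T10:00:{s:02d} {src} {dst} {port}"
                       for s, src, dst, port in SAMPLE_EVENTS)

def parse_line(line):
    """Split one log line into (timestamp, src, dst, port)."""
    ts, src, dst, port = line.split()
    return datetime.fromisoformat(ts), src, dst, int(port)

def detect_fanout(log_text, window=timedelta(seconds=60), threshold=10):
    """Return {src: max distinct (dst, port) targets} for every source that
    reaches at least `threshold` distinct targets inside any sliding window."""
    events = sorted(parse_line(l) for l in log_text.splitlines() if l.strip())
    by_src = defaultdict(list)
    for ts, src, dst, port in events:
        by_src[src].append((ts, (dst, port)))
    flagged = {}
    for src, evs in by_src.items():
        start = 0
        for end in range(len(evs)):
            # Advance the window start until all events fit inside `window`.
            while evs[end][0] - evs[start][0] > window:
                start += 1
            targets = {t for _, t in evs[start:end + 1]}
            if len(targets) >= threshold:
                flagged[src] = max(flagged.get(src, 0), len(targets))
    return flagged

if __name__ == "__main__":
    print(detect_fanout(SAMPLE_LOG))  # {'10.0.0.25': 12}
```

The benign host touches only two distinct targets and is never flagged, while the scanning pivot crosses the threshold within its first twelve seconds of activity.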
Look at that, WireWise for the win!
WireWise is correct.
Not that I'm aware of. Because I'm assuming the remote machine is behind a firewall/NAT, you wouldn't be able to just proxy the packets from your attacking machine to the second victim machine. However, I'm a little out of my depth; perhaps one of the other members can give you a more concrete answer.
Thanks for your answer!