Forum Thread: Metsasploit Post-Exploitation on Wan.

Hey guys, I'm new in pentesting world/white hat hacking.
I search all over the web but i can't find any answer.

Here Is My Problem

I have a meterpreter shell on a remote windows box (not on my Lan). Im wondering if its possible to use some auxiliary modules like portscan and netbios scan to scan the LAN of the 'compromise host'? (I was assuming this because there is no portscanner in post modules) The only scanner i found its a metasploit script arp-scanner.

Should i be physically on the network or with a Route command i can do this?

I hope my question is clear.
English is not my primary language, so don't be to rude.

Join the Next Reality AR Community

Get the latest in AR — delivered straight to your inbox.

7 Responses

don't worry about your English many of the users here do not speak English as a first language!

as for your question depending on your permissions on the compromised box you could upload the nmap.exe file drop down into shell run it and dump its output into a txt and then download that txt to your attack machine and then delete nmap to erase your tracks.

Thanks for your quick answer. I got one more. I presume it's not possible but (with route command) may i be able to fire up some exploit on other machine?

look at that wirewise for the win!

not that I'm aware of. because I'm assuming the remote machine is behind a firewall/NAT you wouldn't be able to just proxy the packets from your attacking machine to the second victim machine. however I'm a little out of my depth perhaps one the other other members can give you a more concrete answer.

Thanks for your answer!

Share Your Thoughts

  • Hot
  • Active