Showing posts with label Metasckploit Module. Show all posts
Showing posts with label Metasckploit Module. Show all posts

Tuesday, 7 April 2015

Windows Gather Enum User MUICache metasploit module



This module gathers information about the files and file paths that logged on users have executed on the system. It also will check if the file still exists on the system. This information is gathered by using information stored under the MUICache registry key. If the user is logged in when the module is executed it will collect the MUICache entries by accessing the registry directly. If the user is not logged in the module will download users registry hive NTUSER.DAT/UsrClass.dat from the system and the MUICache contents are parsed from the downloaded hive.

Module : post/windows/gather/enum_muicache

msf > use post/windows/gather/enum_muicache 
msf post(enum_muicache) > sessions
         ...sessions...
msf post(enum_muicache) > set SESSION <session-id>
msf post(enum_muicache) > show options
        ...show and set options...
msf post(enum_muicache) > run

Posted by at No comments:
Labels: , , , ,

Wednesday, 1 April 2015

Reflective DLL Injection Metasploit Module


 

Reflective DLL injection is a library injection technique in which the concept of reflective programming is employed to perform the loading of a library from memory into a host process. As such the library is responsible for loading itself by implementing a minimal Portable Executable (PE) file loader. It can then govern, with minimal interaction with the host system and process, how it will load and interact with the host.

Injection works from Windows NT4 up to and including Windows 8, running on x86, x64 and ARM where applicable.

Download  : Reflective DLL Injection Exploit

VIDEO TUTORIAL : 
Posted by at No comments:
Labels: , , , , ,
Subscribe to: Comments (Atom)