47 lines
1.4 KiB
Markdown
47 lines
1.4 KiB
Markdown
The post/gather/hashdump module functions similarly to Meterpreter's built-in hashdump command.
|
|
|
|
Having this feature as a post module allows it to be used in different penetration testing scenarios.
|
|
|
|
|
|
## Vulnerable Application
|
|
|
|
---
|
|
|
|
To be able to use post/gather/hash_dump, you must meet these requirements:
|
|
|
|
* You are on a Meterpreter type session.
|
|
* The target is a Windows platform.
|
|
* It must be executed under the context of a high privilege account, such as SYSTEM.
|
|
|
|
## Verification Steps
|
|
|
|
---
|
|
|
|
Please see Overview for usage.
|
|
|
|
## Scenarios
|
|
|
|
---
|
|
|
|
**Upgrading to Meterpreter**
|
|
|
|
To be able to use this module, a Meterpreter session is needed. To upgrade to a Meterpreter session, the easiest way is to use the post/multi/manage/shell_to_meterpreter module. Or, you can try:
|
|
|
|
1. Use the exploit/multi/script/web_delivery module.
|
|
2. Manually generate a Meterpreter executable, upload it, and execute it.
|
|
|
|
**High Privilege Account**
|
|
|
|
Before using post/gather/hashdump, there is a possibility you need to escalate your privileges.
|
|
|
|
There are a few common options to consider:
|
|
|
|
* Using a local exploit module. Or use Local Exploit Suggester, which automatically informs you
|
|
which exploits might be suitable for the remote target.
|
|
* The getsystem command in Meterpreter.
|
|
* Stolen passwords.
|
|
|
|
**Hashdump From Multiple Sessions**
|
|
|
|
One major advantage of having hashdump as a post module is you can run against it multiple hosts easily. To learn how, refer to Overview for usage.
|