Metasploit meterpreter and soundrecorder.rb
Recently i try soundrecorder.rb script by Carlos Perez and it is really cool thing.
After remote keysniffer really nice thing.
My lab: on one computer Backtrack4 prefinal usb and another Windows xp sp3.
I run exploit windows/browser/winamp_playlist_unc old exploit for winamp 5.12 but i like it to launch this exploit and payload windows/meterpreter/reverse_tcp.
After sessions become active i first migrate fast to explorer.exe process.
Then run soundrecorder.rb script and talk on mic on victim computer and attacker computer recorded everything. Really nice also nice is that after time of recording is over script automatically delete uploaded files linco.exe and oggenc.exe.
Can someone else say something about this nice script and experience with it?
Thanks for the kind words, I'm glad you liked my script. I will posting later today my slide deck from my part of thepresentation with HD and JR on Meterpreter where I covered Meterpreter Scripting I think you will like it.
For sure always like to learn from metasploit and ruby ninjas like you.
My friends (they are ordinary windows users) ask me come on show us something but really cool form all this stuff you know when you get into computer and i decide to show trick with uictl and your soundrecorder script and after my friend talk on mic and later i play this on attacker machine they go all crazy and say this is really cool cool thing and one friend say in joke now my girlfriend can hear my hot mic sessions on skype with other girls.
They talk about this even days ago.
P.s. showing ordinary windows users some portforwading or something like that is not what they want to see because they dont understand this.
i was working on a script for evasdropping on all media devices, this script would upload vlcplayer witch has a command line interface thus allowing meterpreter shell to access this remotely... it was going smoothly until i seen that hdmoore updated the framework with a similar built in functions for meterpreter...
vlcplayer has so many options a attacker could use for fun and entertainment...
Nice why dont you post link where we can download this script.
P.s. - your video with cracking wep and metasploit shows what hacker with tools on backtrack can do in 15 minutes. Really nice video.
Can you explain how to eavesdrop all media devices with meterpreter. Currently there is on that kind of script in meterpreter (except for sounrecorder.rb) maybe I can develop a new one if you guide me with metasploit functions.
Definitely would like to try.
Originally Posted by Handsome-geek
Couple of months back I tried the same with CANVAS exploitation framework (licensed one), but the quality of recorded voice was pathetic and I could not understand even a single word.