Categories

Archives

Kali Linux, Penetration Testing

Run OS Command against Multiple Session in Metasploit

Again we are sharing our experience with our visitors to enhance their skills and ability. In this article, you will learn how to manage multiple sessions of different targets in a network. Once you hacked more than one system in a network and received multiple meterpreter session in your Kali Linux then how will you retrieve data simultaneously from all targets.

Let’s Proceed

First, an attacker needs to create a payload and share it in the network with his targets, then start multi handler in the Metasploit framework. Now when the available targets will open the payload in their system, the attacker will receive the series of sessions.

Here you can see from the given screenshot I have to receive two sessions from a different system.

msf exploit(handler) > sessions

In order to gather the information from both targeted system simultaneously, I had used post exploitation which let an attacker execute the same command for multiple sessions at a time.

This module executes an arbitrary command line

msf exploit(handler) > use post/multi/general/execute
msf post(execute) > set command ipconfig
msf post(execute) > set session 1
msf post(execute) >exploit

 In the given screenshot, you can see I have executed ipconfig to know the network configuration for session 1 and here the target IP is 192.168.0.100 as result.

Then in the next step, I just need to change the session from 1 into 2 so that I can know network configuration for session 2 also and here the target IP is 192.168.0.105 as result.

msf post(execute) > set session 2
msf post(execute) >exploit

Author: Aarti Singh is a Researcher and Technical Writer at Hacking Articles an Information Security Consultant Social Media Lover and Gadgets. Contact here