- Hands-On Web Penetration Testing with Metasploit
- Harpreet Singh Himanshu Sharma
- 119字
- 2021-06-24 16:19:06
Post-exploitation modules
For post-exploitation, you can use the post-exploitation modules available in the interface, as shown in the following screenshot:
- For the target shown in the preceding screenshot, let's use the hashdump post-exploitation module. To use this module, you just need to check which session the module needs to be executed for:
- Click on Run Module to execute the hashdump module. This module will dump the NTLM hashes from the SAM database. A new task ID will be assigned to this module. You can check the task in the taskbar:
- The extracted hashes can be viewed in the Credentials menu from the Project tab bar:
You can use different post-exploitation modules, depending on the situation.