Run OS Command in Multiple Session in Metasploit

Again we are sharing our experience with our visitors to enhance their skills and ability. In this article you will learn how to manage multiple sessions of different targets in a network. Once you hacked more than one system in a network and received multiple meterepreter session in your Kali Linux then how will you retrieve data simultaneously from all targets.

First an attacker needs to create a payload and share it in the network with his targets, then start multi handler in metasploit framework. Now when the available targets will open the payload in their system, the attacker will receive the series of sessions.

Here you can see from given screenshot I have receive two sessions from different system.

msf exploit(handler) > sessions

In order to gather the information from both targeted system simultaneously I had used post exploitation which let an attack to execute same command for multiple sessions at a time.

This module executes an arbitrary command line
msf exploit(handler) > use post/multi/general/execute
msf post(execute) > set command ipconfig
msf post(execute) > set session 1
msf post(execute) >exploit

In given screenshot you can see I have executed ipconfig to know the network configuration for session 1 and here the target IP is as result.

Then in next step I just need to change session from 1 into 2 so that I can know network configuration for session 2 also and here the target IP is as result.

msf post(execute) > set session  2
msf post(execute) >exploit


Post a Comment