Type : Tips and Trick
Level : Easy
Platform : Windows (Any)
When you already successfully compromising a vulnerable computer, sometimes you need to know what they are doing in their screen. By using meterpreter payload, you can do capturing user screen and it will be saved in your local machine. To doing this tips, you need to perform an attack first using your metasploit framework. You can view a few of my previous tutorial below :
and so on…. you can view the tutorial here.
2. Operating System (Windows or Linux) to make Metasploit Framework run on your platform. It is better use Linux.
1. Let say we already on Meterpreter console(I use my tutorial to exploit Mozilla nsTreeRange Vulnerability). Run ps command to view all active process.
2. Find Process ID for Explorer.exe. Here in my example, victim Explorer.exe process ID was 1804 and then try to migrate to Explorer.exe process.
3. After successfully migrate to Explorer.exe process, we need to load and use meterpreter extension "espia" to enable capture on victim screen.
4. Run screengrab to start capturing victim screenshot, the image will be saved on your local drive.(I use Backtrack 5, it will saved on Desktop).
5. Here is the example screenshot on my victim computer. I think this guy wanna preparing to cook salmon fish…LoL
Hope you enjoy it 🙂