• 27,004
  • +1,027
  • 3,075
How to get Files From Victim Using Backtrack + Metasploit

How to get Files From Victim Using Backtrack + Metasploit

Bookmark

Type : Tips and Trick

Level : Easy

Someone was leave me a message from "Request Tutorial" page about how to get or download files from victim using Backtrack. Emm…this tutorial wasn't to complicated so I put it on Tips and Trick section. Actually everything you can do and interact with your victim after you successfully compromise and got the victim machine in your hand. The following tips and trick will show you how to download files from victim via Metasploit Meterpreter, you also can view the rest of interracting with file meterpreter command in tutorial about 13 metasploit meterpreter file system command you should know(view the tutorial here).

Requirements :

1. Meterpreter Script (you can get meterpreter script when successfully compromise victim with selected payload)

Step by Step :

1. This tips and trick I will use Java Signed Applet Social Engineering Code Execution (see tutorial here) to exploit the victim until got this screen below.

How to get Files From Victim Using Backtrack + Metasploit

2. After get your meterpreter script, try to run ls command to listing your directory and also know your current working directory.

How to get Files From Victim Using Backtrack + Metasploit

3. There it is we found something labelled "privacy.txt" maybe we will need that, let's download the file by using download command. (this download command also can download a directory)

How to get Files From Victim Using Backtrack + Metasploit

4. When download finished, the file was stored on your /root/ directory.

How to get Files From Victim Using Backtrack + Metasploit

Hope it's useful 🙂

Subscribe Now To Get Latest Hacking Tutorial on Your E-Mail

Share this article if you found this post was useful:

Blogger at hacking-tutorial.com. Love PHP, offensive security and web. Contact him at me[-at-]vishnuvalentino.com

See all posts by || Visit Website : http://www.vishnuvalentino.com

  • Charles

    Downloading files with meterpreter over the RPC is easy. But they download to the metasploit box. How can I get them from the metasploit box back to the application running the RPC client (which is on a different machine)? 

  • Charles

    No, I have three machines. One is the target. One is a metasploit box. One is my local machine, which is running a custom application that interacts with the metasploit box using the RPC.
    I send the meterpreter download command from my local box to the metasploit box, and it begins a download from the target to the metasploit box. But NOT to my local machine. I have to ftp to the metasploit box to retrieve those downloaded files.
    Likewise, I cannot upload directly from my local machine, I have to ftp the file to the metasploit box first, and then upload it with meterpreter. 
    Charles.

    • v4L

      #Charles
      Hmm…if the condition like that, I think you should use FTP/FTPS..
      If the metasploit box run on Backtrack, you can also run your apache webserver service by using service apache start command, and then put the downloaded file into /var/www/your-folder/ in your backtrack.
      Then access it using http://backtrack-ip-address/your-folder/

  • akshay

    Aftet reaching meterpreter
    kya hame internet connection ki requirement hogi file ko dwonload karne k liye plz reply must

  • akshay

    How to search that which port is opend on our system
    Means list of open ports of our system

  • akshay

    How to use netapi in metasploit

  • akshay

    Kya asi koi reverse engg ki trick h jis se hum IDM software ko crack kar sake
    If yes than plz post its tutorial

    And also tell me that how we can make my private files inaccessible for other persons if those files lie in my external hard drive i.e pendrive