Meterpreter Post-Exploitation Scripts

Today the Metasploit post-exploitation script I wrote where approved and commited in to Metasploit 3 for enumeration and attack from the compromised machine using Windows native tools for both enumeration and attack. The scripts are:

  • Winenum - general windows enumeration script for gathering all kinds of information from windows host adapting the commands and informatio gathered to the version of windows where is ran at.
  • Netenum - network enumeration script for performing basic network enumeration of the target enviroment. It will perform ping sweeps, hostname bruteforce, reverse lokkups on ranges and general DNS record enumeration.
  • Winbf - it will perform loging brute force attacks against winown logins using dictionaries against a single login or a list of usernames. It will also enumerate the current windows account lockout and lenght policy so the user will be able to better tailor the attack.
  • Getgui - script for enabling RDP and for creating an account adding it to the appropiate groups to be able to get Remote Desktop on the target machine.
I hope they are as usefull as the original ones have been for me in client engagements where I was limited by the rules of engagement dictated by some of my clients. Glad to give back to such a good project.