2019-12-12 22:00:47 -07:00
|
|
|
## Vulnerable Application
|
|
|
|
|
|
|
|
|
|
This Module lists current TCP sessions.
|
|
|
|
|
|
|
|
|
|
## Verification Steps
|
|
|
|
|
|
2019-12-13 11:26:43 -07:00
|
|
|
1. Start msfconsole
|
2019-12-12 22:00:47 -07:00
|
|
|
2. Get meterpreter session
|
2019-12-13 11:26:43 -07:00
|
|
|
3. Do: ```use post/windows/gather/tcpnetstat```
|
|
|
|
|
4. Do: ```set SESSION <session id>```
|
|
|
|
|
5. Do: ```run```
|
2019-12-12 22:00:47 -07:00
|
|
|
|
|
|
|
|
## Options
|
|
|
|
|
|
2019-12-14 13:53:01 -07:00
|
|
|
**SESSION**
|
|
|
|
|
|
2019-12-12 22:00:47 -07:00
|
|
|
The session to run the module on.
|
|
|
|
|
|
|
|
|
|
## Scenarios
|
|
|
|
|
|
2019-12-15 16:45:57 -07:00
|
|
|
### Windows 7 (6.1 Build 7601, Service Pack 1).
|
|
|
|
|
|
2019-12-12 22:00:47 -07:00
|
|
|
```
|
|
|
|
|
[*] Meterpreter session 1 opened (192.168.1.3:4444 -> 192.168.1.10:49184) at 201 9-12-12 14:55:42 -0700
|
|
|
|
|
|
2019-12-12 22:07:07 -07:00
|
|
|
msf > use post/windows/gather/tcpnetstat
|
|
|
|
|
msf post(windows/gather/tcpnetstat) > set SESSION 1
|
2019-12-12 22:00:47 -07:00
|
|
|
SESSION => 1
|
2019-12-12 22:07:07 -07:00
|
|
|
msf post(windows/gather/tcpnetstat) > run
|
2019-12-12 22:00:47 -07:00
|
|
|
|
|
|
|
|
[*] TCP Table Size: 412
|
|
|
|
|
[*] Total TCP Entries: 10
|
|
|
|
|
[*] Connection Table
|
|
|
|
|
================
|
|
|
|
|
|
|
|
|
|
STATE LHOST LPORT RHOST RPORT
|
|
|
|
|
----- ----- ----- ----- -----
|
|
|
|
|
ESTABLISHED 192.168.1.10 49184 192.168.1.3 4444
|
|
|
|
|
LISTEN 0.0.0.0 135 0.0.0.0 _
|
|
|
|
|
LISTEN 0.0.0.0 445 0.0.0.0 _
|
|
|
|
|
LISTEN 0.0.0.0 5357 0.0.0.0 _
|
|
|
|
|
LISTEN 0.0.0.0 49152 0.0.0.0 _
|
|
|
|
|
LISTEN 0.0.0.0 49153 0.0.0.0 _
|
|
|
|
|
LISTEN 0.0.0.0 49154 0.0.0.0 _
|
|
|
|
|
LISTEN 0.0.0.0 49155 0.0.0.0 _
|
|
|
|
|
LISTEN 0.0.0.0 49156 0.0.0.0 _
|
|
|
|
|
LISTEN 192.168.1.10 139 0.0.0.0 _
|
|
|
|
|
|
|
|
|
|
[*] Post module execution completed
|
|
|
|
|
```
|
