adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
94de45d856b7d4ea32456bbdc7531af67bfbcaa1
metasploit-gs/documentation/modules/post/windows/gather/tcpnetstat.md
T
Kenneth LaCroix 4b221a497e OS
2019-12-15 16:45:57 -07:00

51 lines
1.4 KiB
Markdown
Raw Blame History

## Vulnerable Application
This Module lists current TCP sessions.
## Verification Steps
1. Start msfconsole
2. Get meterpreter session
3. Do: ```use post/windows/gather/tcpnetstat```
4. Do: ```set SESSION <session id>```
5. Do: ```run```
## Options
**SESSION**
The session to run the module on.
## Scenarios
### Windows 7 (6.1 Build 7601, Service Pack 1).
```
[*] Meterpreter session 1 opened (192.168.1.3:4444 -> 192.168.1.10:49184) at 201 9-12-12 14:55:42 -0700
msf > use post/windows/gather/tcpnetstat
msf post(windows/gather/tcpnetstat) > set SESSION 1
SESSION => 1
msf post(windows/gather/tcpnetstat) > run
[*] TCP Table Size: 412
[*] Total TCP Entries: 10
[*] Connection Table
================
STATE LHOST LPORT RHOST RPORT
----- ----- ----- ----- -----
ESTABLISHED 192.168.1.10 49184 192.168.1.3 4444
LISTEN 0.0.0.0 135 0.0.0.0 _
LISTEN 0.0.0.0 445 0.0.0.0 _
LISTEN 0.0.0.0 5357 0.0.0.0 _
LISTEN 0.0.0.0 49152 0.0.0.0 _
LISTEN 0.0.0.0 49153 0.0.0.0 _
LISTEN 0.0.0.0 49154 0.0.0.0 _
LISTEN 0.0.0.0 49155 0.0.0.0 _
LISTEN 0.0.0.0 49156 0.0.0.0 _
LISTEN 192.168.1.10 139 0.0.0.0 _
[*] Post module execution completed
```
Reference in New Issue View Git Blame Copy Permalink