Overview
Dive into the inner workings of Meterpreter, Metasploit's popular Windows payload, in this 56-minute conference talk from the 44CON Information Security Conference. Explore the lifecycle, architecture, and technical details of Meterpreter, including Reflective DLL Injection and Migration. Learn how it operates in memory, avoids disk detection, and hides from the operating system. Gain insights into the construction process, command definition and registration, exploitation techniques, and the intricacies of payload migration. Suitable for those with low-level knowledge and an interest in the technical aspects of penetration testing tools.
Syllabus
Goals
What is Meterpreter?
What is it made of?
Sample Scenario
Stage Construction
Reflective DLL Injection
RDI Steps 1. Locate the image in memory
RDI Walkthrough
Step 1
Step 2
Step 3
Step 4
Step 5
Relocation
Step 6
Command Definition
Command Registration
Exploitation
Migration in Metasploit
Type, Length, Value
Migration TLVS
Back to Ruby ...
Migration in Meterpeter
Migrate Context
Migration in Meterpreter
Migrated Payload Exec
Migration Completes!
The "links" Slide
Taught by
44CON Information Security Conference