Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Meterpreter Internals

44CON Information Security Conference via YouTube

Overview

Dive into the inner workings of Meterpreter, Metasploit's popular Windows payload, in this 56-minute conference talk from the 44CON Information Security Conference. Explore the lifecycle, architecture, and technical details of Meterpreter, including Reflective DLL Injection and Migration. Learn how it operates in memory, avoids disk detection, and hides from the operating system. Gain insights into the construction process, command definition and registration, exploitation techniques, and the intricacies of payload migration. Suitable for those with low-level knowledge and an interest in the technical aspects of penetration testing tools.

Syllabus

Goals
What is Meterpreter?
What is it made of?
Sample Scenario
Stage Construction
Reflective DLL Injection
RDI Steps 1. Locate the image in memory
RDI Walkthrough
Step 1
Step 2
Step 3
Step 4
Step 5
Relocation
Step 6
Command Definition
Command Registration
Exploitation
Migration in Metasploit
Type, Length, Value
Migration TLVS
Back to Ruby ...
Migration in Meterpeter
Migrate Context
Migration in Meterpreter
Migrated Payload Exec
Migration Completes!
The "links" Slide

Taught by

44CON Information Security Conference

Reviews

Start your review of Meterpreter Internals

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.