Creating a meterpreter on a Windows 7 machine using the username and password.

**Wully** · 2013-07-23

Hello,

I am investigating how to block specific attacks on a Windows 7 system, one possibility I'm attempting to test is in which an attacker could use a known username and password to create a Meterpreter shell on the target, when all other exploit methods fail and not using remote desktop itself as it would be easily noticeable.

I have searched on the internet for some way to get a Meterpreter shell on a target Windows 7 machine in which the password and username is known.
It seems all google results show the opposite: Using Meterpreter to enable RDP.

The target VM I have set up has remote desktop enabled and the username and password is known.
I can rdesktop to the target fine using the username and password. But I am unaware of a tool or a exploit which works through remote desktop to create a Meterpreter shell.

Thanks,

Wully

**daedalus1776** · 2013-07-24

Meterpreter is only the payload. You want to look into exploits that allows arbitrary code to run on the target machine. Specific exploits that use the username and password, such as the psexec module should do the trick.

**root-boy** · 2013-07-24

Originally Posted by Wully

Hello,

I am investigating how to block specific attacks on a Windows 7 system, one possibility I'm attempting to test is in which an attacker could use a known username and password to create a Meterpreter shell on the target, when all other exploit methods fail and not using remote desktop itself as it would be easily noticeable.

I have searched on the internet for some way to get a Meterpreter shell on a target Windows 7 machine in which the password and username is known.
It seems all google results show the opposite: Using Meterpreter to enable RDP.

The target VM I have set up has remote desktop enabled and the username and password is known.
I can rdesktop to the target fine using the username and password. But I am unaware of a tool or a exploit which works through remote desktop to create a Meterpreter shell.

Thanks,

Wully

What you are saying does not make sens. Try to learn and understand how to gather information on a target system (windows 7 in your case) and how to exploit vulnerabilities to get access using metasploit. You can find a lot of ressources on the internet and i can recommand this for you.

**blackMORE** · 2013-07-25

Originally Posted by root-boy

What you are saying does not make sens. Try to learn and understand how to gather information on a target system (windows 7 in your case) and how to exploit vulnerabilities to get access using metasploit. You can find a lot of ressources on the internet and i can recommand this for you.

You could also try walking the other way, look for exploits and match it with your requirements. I've always found exploit-db as a good place to start.

**DaciSS** · 2013-10-21

+1 for psexec

besides offensive-security metasploit unlished materials, I would say securitytube SMFE videos are awesome too http://www.securitytube.net/groups?o...iew&groupId=10

Thread: Creating a meterpreter on a Windows 7 machine using the username and password.

Thread Tools

Search Thread

Display

Creating a meterpreter on a Windows 7 machine using the username and password.

Similar Threads

No username and password

What is the default username for running Kali Linux on a virtual machine?

Problems with Username and Password

Posting Permissions