1 00:00:00,420 --> 00:00:09,510 So I really want to show you how versatile Meterpreter scripting is. It has a scripting environment 2 00:00:09,510 --> 00:00:15,450 that allows you to write your own script or use the pre-written scripts by the community. 3 00:00:16,330 --> 00:00:18,970 And like the rest of the Metasploit Framework, 4 00:00:19,860 --> 00:00:27,210 the scripts are written in Ruby and located in the main Metasploit directory in scripts/meterpreter. 5 00:00:28,300 --> 00:00:35,230 And there's a wide variety of useful scripts that can help you to automate your workload in the Metasploit 6 00:00:35,230 --> 00:00:36,070 Framework. 7 00:00:37,180 --> 00:00:43,630 The scripts that I'm going to mention are intended to be used with a Meterpreter shell after a successful 8 00:00:43,630 --> 00:00:45,700 compromise of a particular target. 9 00:00:46,360 --> 00:00:50,950 So once you have gained a session on the target, that's when you can use these scripts. 10 00:00:51,530 --> 00:00:59,080 However, the Metasploit team decided to convert these scripts to post-exploitation modules. 11 00:00:59,920 --> 00:01:04,200 Not every script has an equivalent post module, but most of them have. 12 00:01:04,900 --> 00:01:07,450 So let's have a look at what we have. 13 00:01:08,980 --> 00:01:12,280 So I've got a SYSTEM-level shell on Metasploitable 3. 14 00:01:13,310 --> 00:01:14,750 So we're going to work on this session. 15 00:01:15,970 --> 00:01:22,660 So let's open up a new tab and go to my Meterpreter scripts folder, which is under the Metasploit 16 00:01:22,660 --> 00:01:23,890 Framework directory. 17 00:01:29,040 --> 00:01:31,320 Now, this was the files here. 18 00:01:32,970 --> 00:01:37,440 So these are the Meterpreter scripts that were available when I recorded the course. 19 00:01:38,810 --> 00:01:41,090 All right, so let's have a look at one 20 00:01:42,270 --> 00:01:45,660 of them: enum_logged_on_users.
21 00:01:47,410 --> 00:01:49,300 Now, here you see Ruby code. 22 00:01:50,870 --> 00:01:54,030 So it's possible to edit it, or you can create a new one. 23 00:01:54,380 --> 00:01:57,110 It's up to you. And I'll go back to my session. 24 00:01:59,150 --> 00:02:06,680 And I'm going to run this script that I viewed, so: run enum_logged_on_users. 25 00:02:07,890 --> 00:02:11,550 Without any options, it's going to display the help menu. 26 00:02:12,920 --> 00:02:18,200 Now, this time I will add -c and -l for my parameters. 27 00:02:20,110 --> 00:02:25,390 And here come the results, currently logged users and logged users. 28 00:02:26,490 --> 00:02:36,600 OK, and almost every Meterpreter script has an equivalent post module, so enum_logged_on_users also has 29 00:02:36,600 --> 00:02:37,620 one with the same name. 30 00:02:38,500 --> 00:02:46,780 And let's look at the information for this module: info post/windows/gather/ 31 00:02:47,740 --> 00:02:50,470 enum_logged_on_users. 32 00:02:51,910 --> 00:02:59,160 So the scripts are good, but post modules are concurrent and they're more in the style of Metasploit. 33 00:03:00,110 --> 00:03:06,530 And you can set your variables here, but I'm not going to at this point, and you can run a script 34 00:03:06,530 --> 00:03:08,390 and a post module the same way. 35 00:03:09,200 --> 00:03:12,230 So you type run and then the name of the post module. 36 00:03:15,750 --> 00:03:16,650 And then hit enter. 37 00:03:19,950 --> 00:03:22,590 And the module saves the results to this path. 38 00:03:24,210 --> 00:03:31,650 So copy that path and open another tab. A file is already open, so quit Vim. 39 00:03:34,370 --> 00:03:43,830 Vim, and paste the path here, and you see that it saves only currently logged users. So you don't have 40 00:03:43,830 --> 00:03:49,130 to view this file, but some modules bring you an overwhelming amount of information. 41 00:03:49,860 --> 00:03:50,760 So let's quit Vim.
42 00:03:51,510 --> 00:03:53,520 Oh, and one last thing I want to show you. 43 00:03:54,950 --> 00:04:02,270 So I prepared a quick list of scripts that we've mostly used in the course, as well as their equivalent 44 00:04:02,270 --> 00:04:08,060 post modules, but some of them have no post modules and Meterpreter scripts. 45 00:04:09,040 --> 00:04:12,520 I think it's really handy to use scripts for post-exploitation. 46 00:04:13,520 --> 00:04:20,750 But at the end of the day, once you feel comfortable, feel free to use whichever one will help 47 00:04:20,750 --> 00:04:24,830 you in whatever your needs are for your penetration testing.