Breaking News

Tuesday, August 30, 2011

How To Use A Keylogger Inside Metasploit Using Meterpreter?

If you are a regular reader of this blog the chances are very less that you might not know about keyloggers as I have written about it over and over again. However in this post I will guide you simple ways to use a keylogger inside Meteasploit once you have opened up a meterpreter session with victims computer.  For those of you who don't know what metasploit is kindly refer the post "Metasploit For Beginners Explained"

What is a Meterpreter?

Basically a meterpeter is a simple type of interface which helps us in compltety automating the exploitation process. If you would like to learn furthur about meterpreter kindly do a google search.


  • Metasploit Framework
  • BackTrack 5
  • A Meterpreter session opened on a box

How To Use A Keylogger Inside Metasploit Using Meterpreter?

In this case I am using metasploit framework from backtrack 5, Backtrack 5 is an awesome linux distro which is specially dedicated to hackers and penetration testers, I have used Social Engineering Toolkit to utilize a browser autopwn in order to open up a meterpreter session on the victims computer.

Step 1 -  Before we start the keylogger and start capturing logs, we would need to migrate explorer.exe process as we don't want the our exploit to get closed, In order to migrate the process we would need the PID of the process, In order to get the PID type "PS" on the command line.

Step 2 - Once you know the exact process PID type "Migrate" command along with with the PID so incase if the PID is 1372, you will type "Migrate 1372"

Step 3 - Now just type "Keyscan_start" to start the keylogger.

Step 4 - Now just sit back and relax, In order to harvest keystores all you need to do is type the "Keyscan_dump" command.

Designed By