Metasploit Shellcode Injection Module is a Metasploit module which as its name suggests, injects shellcode into the target Windows system on which we already have access. In our previous article, we have learnt what is shellcode and how it is created. Shellcode is a bit assembly code or machine language. Shellcode plays a very important role in cyber security. Typically shellcode is used in offensive penetration testing.
Let’ s see how this module works. Get a meterpreter session on a Windows system. After getting a meterpreter session, Background the current session and load the post windows shellcode inject module as shown below.
We will use Donut tool to create a shellcode of the mimikatz program. Mimikatz is a tool that is used to experiment with Windows security. Its known to extract plaintext passwords and kerberos tickets from memory. It can also perform pass-the-hash, pass-the-ticket or build Golden tickets.
Set the SESSION ID and other options given below.
Set the interactive option to TRUE otherwise you will not directly be taken to the mimikatz shell. Also set the correct target architecture.
After all the options are set, execute the module and you should directly interact with mimikatz.
That’s all about the Metasploit Shellcode Injection Module,