Multi Manage the screen of the target meterpreter session - Metasploit
This page contains detailed information about how to use the post/multi/manage/screenshare metasploit module. For list of all metasploit modules, visit the Metasploit Module Library.
Module Overview
Name: Multi Manage the screen of the target meterpreter session
Module: post/multi/manage/screenshare
Source code: modules/post/multi/manage/screenshare.rb
Disclosure date: -
Last modification time: 2021-09-23 15:03:19 +0000
Supported architecture(s): -
Supported platform(s): Linux, OSX, Windows
Target service / protocol: -
Target network port(s): -
List of CVEs: -
This module allows you to view and control the screen of the target computer via a local browser window. The module continually screenshots the target screen and also relays all mouse and keyboard events to session.
Module Ranking and Traits
Module Ranking:
- normal: The exploit is otherwise reliable, but depends on a specific version and can't (or doesn't) reliably autodetect. More information about ranking can be found here.
Stability:
- crash-safe: Module should not crash the service.
Basic Usage
msf > use post/multi/manage/screenshare
msf post(screenshare) > exploit
Required Options
- SESSION: The session to run this module on.
Knowledge Base
This module allows you to view and control the screen of the target computer via a local browser window. The module continually screenshots the target screen and also relays all mouse and keyboard events to session.
Target sessions
This module only supports some target sessions, where the keyboard, mouse and screenshot API are supported.
- Windows (e.g windows/meterpreter/*)
- OSX (e.g osx/x64/meterpreter/*)
- Java (e.g java/meterpreter/*)
Verification Steps
- Obtain a native OSX or Windows session (or a Java session).
- In msfconsole do
use post/multi/manage/screenshare. - Set the
SESSIONoption. - Do
run. - Open the page in a javascript enabled browser
Go back to menu.
Msfconsole Usage
Here is how the multi/manage/screenshare post exploitation module looks in the msfconsole:
msf6 > use post/multi/manage/screenshare
msf6 post(multi/manage/screenshare) > show info
Name: Multi Manage the screen of the target meterpreter session
Module: post/multi/manage/screenshare
Platform: Linux, Windows, OSX
Arch:
Rank: Normal
Provided by:
timwr
Compatible session types:
Meterpreter
Basic options:
Name Current Setting Required Description
---- --------------- -------- -----------
SESSION yes The session to run this module on.
SRVHOST 127.0.0.1 yes The local host or network interface to listen on. This must be an address on the local machine or 0.0.0.0 to listen on all addresses.
SRVPORT 8080 yes The local port to listen on.
SSL false no Negotiate SSL for incoming connections
SSLCert no Path to a custom SSL certificate (default is randomly generated)
URIPATH no The URI to use for this exploit (default is random)
Description:
This module allows you to view and control the screen of the target
computer via a local browser window. The module continually
screenshots the target screen and also relays all mouse and keyboard
events to session.
Module Options
This is a complete list of options available in the multi/manage/screenshare post exploitation module:
msf6 post(multi/manage/screenshare) > show options
Module options (post/multi/manage/screenshare):
Name Current Setting Required Description
---- --------------- -------- -----------
SESSION yes The session to run this module on.
SRVHOST 127.0.0.1 yes The local host or network interface to listen on. This must be an address on the local machine or 0.0.0.0 to listen on all addresses.
SRVPORT 8080 yes The local port to listen on.
SSL false no Negotiate SSL for incoming connections
SSLCert no Path to a custom SSL certificate (default is randomly generated)
URIPATH no The URI to use for this exploit (default is random)
Advanced Options
Here is a complete list of advanced options supported by the multi/manage/screenshare post exploitation module:
msf6 post(multi/manage/screenshare) > show advanced
Module advanced options (post/multi/manage/screenshare):
Name Current Setting Required Description
---- --------------- -------- -----------
ListenerComm no The specific communication channel to use for this service
SSLCipher no String for SSL cipher spec - "DHE-RSA-AES256-SHA" or "ADH"
SSLCompression false no Enable SSL/TLS-level compression
SendRobots false no Return a robots.txt file if asked for one
URIHOST no Host to use in URI (useful for tunnels)
URIPORT no Port to use in URI (useful for tunnels)
VERBOSE false no Enable detailed status messages
WORKSPACE no Specify the workspace for this module
Post Actions
This is a list of all post exploitation actions which the multi/manage/screenshare module can do:
msf6 post(multi/manage/screenshare) > show actions
Post actions:
Name Description
---- -----------
Evasion Options
Here is the full list of possible evasion options supported by the multi/manage/screenshare post exploitation module in order to evade defenses (e.g. Antivirus, EDR, Firewall, NIDS etc.):
msf6 post(multi/manage/screenshare) > show evasion
Module evasion options:
Name Current Setting Required Description
---- --------------- -------- -----------
HTTP::chunked false no Enable chunking of HTTP responses via "Transfer-Encoding: chunked"
HTTP::compression none no Enable compression of HTTP responses via content encoding (Accepted: none, gzip, deflate)
HTTP::header_folding false no Enable folding of HTTP headers
HTTP::junk_headers false no Enable insertion of random junk HTTP headers
HTTP::no_cache false no Disallow the browser to cache HTTP content
HTTP::server_name Apache yes Configures the Server header of all outgoing replies
TCP::max_send_size 0 no Maximum tcp segment size. (0 = disable)
TCP::send_delay 0 no Delays inserted before every send. (0 = disable)
Go back to menu.
Error Messages
This module may fail with the following error messages:
Check for the possible causes from the code snippets below found in the module source code. This can often times help in identifying the root cause of the problem.
color:#f00
Here is a relevant code snippet related to the "color:#f00" error message:
108: <META HTTP-EQUIV="CACHE-CONTROL" CONTENT="NO-CACHE">
109: <title>Metasploit screenshare</title>
110: </head>
111: <body>
112: <noscript>
113: <h2 style="color:#f00">Error: You need JavaScript enabled to watch the stream.</h2>
114: </noscript>
115: <div id="error" style="display: none">
116: An error occurred when loading the latest screen share.
117: </div>
118: <div id="container">
display: none
Here is a relevant code snippet related to the "display: none" error message:
110: </head>
111: <body>
112: <noscript>
113: <h2 style="color:#f00">Error: You need JavaScript enabled to watch the stream.</h2>
114: </noscript>
115: <div id="error" style="display: none">
116: An error occurred when loading the latest screen share.
117: </div>
118: <div id="container">
119: <div class="controls">
120: <span>
error
Here is a relevant code snippet related to the "error" error message:
148: // In milliseconds, 1 capture every 60 seconds
149: imageDelay: 60000,
150: };
151:
152: var container = document.getElementById("container");
153: var error = document.getElementById("error");
154: var img = new Image();
155: var controllingCheckbox = document.getElementById("isControllingCheckbox");
156: var imageDelayInput = document.getElementById("imageDelayInput");
157: var imageDelayLabel = document.getElementById("imageDelayLabel");
158: var screenScaleFactorInput = document.getElementById("screenScaleFactorInput");
display: none
Here is a relevant code snippet related to the "display: none" error message:
221: function updateCanvas() {
222: canvas.width = img.width * state.screenScaleFactor;
223: canvas.height = img.height * state.screenScaleFactor;
224: ctx.drawImage(img, 0, 0, canvas.width, canvas.height);
225:
226: error.style = "display: none";
227: }
228:
229: function showError() {
230: error.style = "display: initial";
231: }
display: initial
Here is a relevant code snippet related to the "display: initial" error message:
225:
226: error.style = "display: none";
227: }
228:
229: function showError() {
230: error.style = "display: initial";
231: }
232:
233: // Fetches the latest image, and queues an additional image refresh once complete
234: function fetchLatestImage() {
235: var nextImg = new Image();
Go back to menu.
Related Pull Requests
- #14806 Merged Pull Request: Rubocop recently landed modules continued
- #13541 Merged Pull Request: Add controls to screen capture module
- #11967 Merged Pull Request: Add screenshare post module for mouse and keyboard input
Go back to menu.
See Also
Check also the following modules related to this module:
- post/multi/manage/autoroute
- post/multi/manage/dbvis_add_db_admin
- post/multi/manage/dbvis_query
- post/multi/manage/fileshare
- post/multi/manage/hsts_eraser
- post/multi/manage/multi_post
- post/multi/manage/open
- post/multi/manage/play_youtube
- post/multi/manage/record_mic
- post/multi/manage/screensaver
- post/multi/manage/set_wallpaper
- post/multi/manage/shell_to_meterpreter
- post/multi/manage/sudo
- post/multi/manage/system_session
- post/multi/manage/upload_exec
- post/multi/manage/zip
Authors
- timwr
Version
This page has been produced using Metasploit Framework version 6.1.24-dev. For more modules, visit the Metasploit Module Library.
Go back to menu.
