Metasploit for Pentester: Clipboard

In this series of articles, we will be focusing on the various mechanisms of the Metasploit Framework that can be used by Penetration Testers. Here, we will be discussing the External API extension provided by Metasploit. Among other things, it provides the ability to target the clipboard of the target.

Table of Content

Introduction
Starting Clipboard Monitoring
Getting a File from Clipboard
Dumping Clipboard Data
Pausing the Clipboard Capture
Purging Clipboard Capture
Setting Clipboard Data
Stopping Clipboard Capture
Conclusion

During the late 2014s, the Metasploit got an update featuring a functionality similar to the OJ TheColonial Reeves Extended API (extapi). It is originally intended for the Windows targets only, but it was refined and developed over time. It included 3 functionalities:

Service Management: With the help of this Meterpreter users will be provided a service management interface. It will allow them to get a more detailed read of services running on the target, including the start-up status and services that can interact with the desktop.

Window Management: With the help of this users will be able to enumerate all open Windows. This will help the penetration testers to find out if the target is worth connecting via…