Preface
This method of data packet capture is mainly aimed at when the attacker gets a meterpreter but the target target machine only opens a few service ports, but we cannot find a better penetration attack method for the time being, we can use this method to further penetrate the target The system discovers what service information the target and the outside world have.
Take advantage of the display
First get a meterpreter from the target host, the authority is SYSTEM
Load the sniffer module and check which network cards the target host has started
Choose which network card to listen to and export the listened data to packet format
There are two ways to open the packet content, one is to use the wireshark graphical tool to open, the other is to use auxiliary/sniffer/psnuffle
use auxiliary/sniffer/psnuffle
set pcapfile /root/Desktop/2.cap
run
This module will automatically analyze which services the host has executed