WINDOWS 7 - DESKTOP SCREEN GRABBING
- Layout for this exercise:
- Windows systems automatically create an interactive window station. When an interactive user logs on, the system associates the interactive window station with the user logon session. The system also creates the default input desktop for the interactive window station (WinSta0\Default). Processes started by the logged-on user are associated with the WinSta0\Default desktop. In other words, WinSta0 stations is used to interact with users:
- The
command enumdesktops enumerates all accessible desktops:
- Checking
that the active desktop is interactive:
- Loading
espia extension from meterpreter:
- Then, screengrab command allows to grab a screenshot from active desktop at the victim's machine. The picture is saved under the path /root, receiving a .jpeg extension:
