Introduction:
This technique aims to teach students how to access a victim machine illegally through a remote desktop connection. This technique allows students to penetrate Windows Operating System without depending on payload clicks by users (If the access is through Microsoft RDP). The forged user account must be created during an active backdoor session and use a complex password to create the account successfully. Note: One Meterpreter session must remain active.
Disclaimer: This article is suitable for intermediate and expert users and only for education.
a) Command: run getgui -e -u -p
b) Example: run getgui -e -u netadmin -p P@ssw0rd
Note: New user successfully created and automatically be part of the administrator group
Note:
1) Use the complex password to add the user.
2) Access to the target machine through Microsoft Remote Desktop or through Metasploit module.
Updated: