Working with RailGun
RailGun sounds like a gun set on rails; however, this is not the case. It is much more powerful than that. RailGun allows you to make calls to a Windows API without the need to compile your own DLL.
It supports numerous Windows DLL files and eases the way for us to perform system-level tasks on the victim machine. Let's see how we can perform various tasks using RailGun and perform some advanced post-exploitation with it.
Interactive Ruby shell basics
RailGun requires the irb shell to be loaded into meterpreter. Let's look at how we can jump to the irb shell from meterpreter:
We can see in the preceding screenshot that simply typing in irb from meterpreter drops us into the interactive Ruby shell. We can perform a variety of tasks with the Ruby shell and can execute any Linux command from here.
Understanding RailGun and its scripting
RailGun gives us immense power to perform tasks that Metasploit cannot perform. We can raise exceptions to any DLL file from the breached system...