Skip to content

How to use Railgun for Windows post exploitation

sinn3r edited this page Jul 30, 2014 · 74 revisions

Railgun is a very powerful post exploitation feature exclusive to Windows Meterpreter. It allows you to have complete control of your target machine's Windows API, or you can use whatever DLL you find and do even more creative stuff with it. There are actually quite a few developers and contributors behind Railgun, but the main ones are: Patrick HVE, who originally authored it in Jun 2010. Stephen Fewer: who added x64 supported a few months later. Chao-mu: who made additional major improvements in 2011. As well as others: Ben Cambell, OJ Reeves, and of course, formal and current full-time Metasploit developers, etc. Railgun is also very popular in conference talks, white papers, blogs, pentesting courses... etc, so if you've already heard about it, we are not surprised. If not, you are missing out. If you're a penetration tester and have not heard about Railgun, shame on you.

Metasploit Wiki Pages


Clone this wiki locally