This following link has an example of uploading via a meterpreter script:
hope it helps.
On Fri, 7 Nov 2008, Bryan Richardson wrote:
> Good Morning HD,
> Thanks for the suggestions. Any chance you can point me to some sample
> Meterpreter script code that uploads files to the exploited machine?
> On Thu, Nov 6, 2008 at 8:19 PM, H D Moore <[EMAIL PROTECTED]> wrote:
> > On Thursday 06 November 2008, Bryan Richardson wrote:
> > > I'm wanting to write a Meterpreter script that can sniff traffic from
> > > an exploited Windows host. I *think* there is some built-in pcap
> > > functionality already in the Metasploit framework... is this correct?
> > > If so, can it be used in a script that can be ran from Meterpreter?
> > The Pcap stuff in Metasploit only works on the attacker's machine, it
> > doesnt extend through any of the payloads. The easiest way to accomplish
> > your goal is to write a Win32 sniffer as a Meterpreter extension and
> > implement a command protocol for start, stopping, and gathering data from
> > this extension. Alternatively, just write a meterpreter script that
> > uploads an existing sniffer, execute it "channelized", and parse the
> > output to find what you are looking for.
> > > Also, before I do this... does there happen to be a payload that
> > > already exists that can do this for me (or even one that does an nmap
> > > scan)? I took a little time to examine all the payloads that already
> > > exist, but none really jumped out at me as being able to do this sort
> > > of thing.
> > None of the existing payloads can do this.
> > -HD
> > _______________________________________________
> > Framework-Hackers mailing list
> > Framework-Hackers@spool.metasploit.com
> > http://spool.metasploit.com/mailman/listinfo/framework-hackers
Framework-Hackers mailing list