I am still new to Metasploit and I am trying to explore the following module:
1- Module Name: exploit/windows/local/applocker_bypass
I did:
1- use exploit/windows/local/applocker_bypass
2- set TARGET Tager_Windows_Machine
Now I need to set the SESSION Attribute, but I am not able to find out what value should I put in order for this exploit to work.
You must first have a working Meterpreter or a handler session that has received an incoming shell (these are the interpreter environments that provide an implant, or backdoor payload, to the system(s) under target). Typically, a handler session can be upgraded to Meterpreter using the sessions -u <selected session> flag. The module you specified is a post-exploitation module -- meaning that you must have already exploited the target(s) in order to utilize it.
Recommend that you get a copy of Cyber Operations: Building, Defending, and Attacking Modern Computer Networks or another book that can help. The reason that I recommend this book is because it walks the reader through generating document-based malware with set filename before introducing the more-advanced methods of generating malware, such as via msfvenom, the backdoor factory, or shellter (although, instead of shellter, the book covers a more-outdated antivirus-bypass framework named Veil-Evasion). It's chapter 10 covers how to create, activate a communications channel, install/persist, and analyze malware -- all a great, complete introduction to the subject matter.
For some additional background on bypassing AppLocker, check out this resource as it contains a lot of information on more-generic bypasses that do not even require the metasploit-framework's post-exploitation module -- http://en.wooyun.io/2016/01/28/Bypass-Windows-AppLocker.html
