Meterpreter

Manage Meterpreter and Shell Sessions | Metasploit Documentationdocs.rapid7.com

Metasploit Unleashed | About the Metasploit Meterpreterwww.offsec.com

Meterpreter

Useful commands:

1. ?

• View a list of available commands

1. help

• Displays the help menu

1. background

• Sends the current Meterpreter session into the background, and returns to the msf prompt

• Use the session -i command to get back to the Meterpreter session

1. cat, cd, pwd, ls

• Similar to the Linux command line

1. hashdump

• Dumps the contents of the SAM database

• The Security Accounts Manager (SAM) is a database file in Windows that contains usernames and passwords

1. shell

• Presents a standard shell on the target system

1. ps

• List running processes

Eg. Find all processes running explorer.exe

meterpreter> ps | grep "explorer.exe"

1. migrate

• Migrate to another process

• Useful for impersonating another user session

1. download

• To download a file from the remote machine

• Note the use of the double-slashes in the Windows path

meterpreter> download c:\\users\test\file.txt

1. load

Metasploit Unleashed | Python Extensionwww.offsec.com

Eg. powershell

meterpreter> load powershell

meterpreter> help
powershell_shell
powershell_xxxx
...

meterpreter> powershell_shell
PS> 

Keylogger

Metasploit Unleashed | Keyloggingwww.offsec.com