
Meterpreter Commands – Post Exploitation

Updated on: May 4, 2022


This is a continuation of our previous article, where we got Meterpreter access to our victim Windows XP machine. In this article, we will look at some of the top commands available in Meterpreter that help us perform post-exploitation with maximum ease.

1. Meterpreter Commands: Upload Meterpreter Command

The Upload command allows us to upload files from the attacker Kali machine to the victim Windows XP machine as shown below:

2. Meterpreter Commands: Getuid Meterpreter Command

The Getuid command gives us information about the currently logged-in user. This information is useful in privilege escalation, as it helps us determine which privileges the Meterpreter session is currently running with, based on the exploited process/user.

3. Meterpreter Commands: PS Meterpreter Command

The PS command is used to view a list of running processes on the victim Windows XP machine as shown below:

4. Meterpreter Commands: Migrate Meterpreter Command

The Migrate command allows our Meterpreter session to migrate between any of the currently running processes on the victim machine. This command is useful when we feel that the process in which we originally have the Meterpreter session may not stay open for long or is unstable. We can list all options available for the migrate command by entering run migrate -h as shown below:

Now we will migrate to a more stable process, say explorer.exe, by using the migrate command (run migrate -p 1512) as shown below:

5. Meterpreter Commands: Getsystem Meterpreter Command

The Getsystem command makes Meterpreter try a group of well-known local privilege escalation exploits against the target. You will find that we have successfully elevated privileges to those of the local system as shown below:

6. Meterpreter Commands: Hashdump Meterpreter Command

The Hashdump command retrieves the password hashes from the victim Windows XP machine as shown below:

7. Meterpreter Commands: Shell Meterpreter Command

The Shell command gives us a standard shell on the Windows XP target as shown below:

8. Meterpreter Commands: The search Meterpreter Command

The search command is used to search for specific files on the Windows XP victim machine. The command can search through the entire system or in specific folders as shown below:

9. Meterpreter Commands: The clearev Meterpreter Command

The clearev command can be used to clear all the System, Application and Security logs from the victim Windows XP machine as shown below:
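From the detection side, clearing a log is itself recorded: event 517 in the Security log on Windows XP/2003, 1102 on Vista and later, and 104 in the System log when the System or Application log is cleared. The Python below is an added example, not part of the original article, that flags those events and the hosts where several logs were cleared together, as clearev does; the pipe-delimited export format, hostnames and sample events are constructed.

```python
from datetime import datetime, timedelta

# (log the event is written to, event ID) pairs that record a log being cleared:
#   Security/517  - audit log cleared (Windows XP / Server 2003)
#   Security/1102 - audit log cleared (Windows Vista and later)
#   System/104    - System or Application log cleared (Vista and later)
CLEAR_IDS = {("Security", 517), ("Security", 1102), ("System", 104)}

# Constructed sample export: time|host|log|event_id|detail (format is an assumption)
SAMPLE = """\
2022-05-04T10:14:58|XP-LAB01|Security|528|logon
2022-05-04T10:21:07|XP-LAB01|Security|517|audit log cleared
2022-05-04T10:21:07|WS-LAB02|System|104|cleared=Application
2022-05-04T10:21:08|WS-LAB02|System|104|cleared=System
2022-05-04T10:21:08|WS-LAB02|Security|1102|audit log cleared
2022-05-04T11:40:00|WS-LAB03|System|104|cleared=Application
2022-05-04T11:45:12|WS-LAB03|System|7036|service state change
"""

def parse(text):
    events = []
    for line in filter(None, map(str.strip, text.splitlines())):
        ts, host, log, eid, detail = line.split("|", 4)
        events.append({"time": datetime.fromisoformat(ts), "host": host,
                       "log": log, "id": int(eid), "detail": detail})
    return events

def log_clears(events):
    """Every event that records a log being cleared."""
    return [e for e in events if (e["log"], e["id"]) in CLEAR_IDS]

def cleared_log(event):
    """Event 104 names the cleared log in its data; 517/1102 mean Security."""
    return event["detail"].split("=", 1)[1] if event["id"] == 104 else "Security"

def wipe_bursts(events, window=timedelta(seconds=10)):
    """Hosts where two or more different logs were cleared within `window`."""
    by_host = {}
    for e in sorted(log_clears(events), key=lambda e: e["time"]):
        by_host.setdefault(e["host"], []).append(e)
    bursts = {}
    for host, evs in by_host.items():
        for first in evs:
            logs = {cleared_log(e) for e in evs
                    if timedelta(0) <= e["time"] - first["time"] <= window}
            if len(logs) >= 2:
                bursts[host] = sorted(logs)
                break
    return bursts
```

A single clear can be routine maintenance; the burst check separates that from several logs wiped within seconds on one host. Both checks only work on events that were forwarded off the host before the local logs were cleared.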

10. Meterpreter Commands: Sysinfo Meterpreter Command

The Sysinfo command displays information about the exploited Windows XP victim machine, such as Name, OS Type, Architecture, Domain and Language.

The help command displays the Meterpreter help menu with a list of commands that can be executed in Meterpreter against the target Windows XP machine.

Reference: Penetration Testing: A Hands-On Introduction to Hacking by Georgia Weidman.

Barath

Barath is an Information Security Analyst at Astra. Passionate about Offensive Security, when he isn’t glued to a computer screen, he spends his time playing Video Games or watching movies. He is currently exploring Penetration Testing on his path to achieving OSCP.

4 Comments
Ismael
4 years ago

Greets, I’m following your article, in 1st part we get access to Windows c:\windows\system32, but in 2nd article, you’re using meterpreter>, how can I change to meterpreter?
Thanks

foobar
2 years ago
Reply to  Ismael

You can upgrade a normal shell to a meterpreter shell by running “sessions -u {N}” where N is the session number of the normal shell. e.g. “sessions -u 1”

Chaos Engine
2 years ago
Reply to  Ismael

I have the same problem.

jackie
2 years ago

Use windows/meterpreter/reverse_tcp for the payload.
