This is a continuation of our previous article where we got meterpreter access of our victim Windows XP machine. In this article, we will look at some of the top meterpreter command available in meterpreter which will help us in performing the Post Exploitation with the maximum ease.
1. Meterpreter Commands: Upload Meterpreter Command
The Upload command allows us to upload files from attacker kali machine to victim Windows XP machine as shown below:
2. Meterpreter Commands: Getuid Meterpreter Command
The Getuid command gives us information about the currently logged-in user. This information is useful in privilege escalation as it will help us in determining the privileges the Meterpreter session is running currently, based on the exploited process/user.
3. Meterpreter Commands: PS Meterpreter Command
The PS command is used to view a list of running processes in victim Windows XP machine as shown below:
4. Meterpreter Commands: Migrate Meterpreter Command
The Migrate command allows our meterpreter session to migrate between any of the currently running processes in victim machine, this command is useful when we feel that the process in which we originally have meterpreter session may not be open for a long time or it is unstable. we can know all possible options available for migrate command by entering run migrate -h as shown below:
Now we will migrate to a more stable process, let us say, explorer.exe by using migrate command (run migrate -p 1512) as shown below:
5. Meterpreter Commands: Getsystem Meterpreter Command
The Getsystem command will make meterpreter try a group of well known local privilege escalation exploits against the target and you will find that we have successfully elevated privileges to that of the local system as shown below:
6. Meterpreter Commands: Hashdump Meterpreter Command
The Hashdump command helps us to retrieve the password hashes from the victim Windows XP machine as shown below:
7. Meterpreter Commands: Shell Meterpreter Command
The Shell command gives us a standard shell on the Windows XP Target as shown below:
8. Meterpreter Commands: The search Meterpreter Command
The search command is used to search for specific files on the Windows XP victim machine. The command can search through the entire system or in specific folders as shown below:
9. Meterpreter Commands: The clearev Meterpreter Command
The clearev command can be used to clear all the System, Application and Security logs from victim Windows XP machine as shown below:
10. Meterpreter Commands: Sysinfo Meterpreter Command
The Sysinfo Meterpreter command displays the information about the victim exploited Windows XP machine like Name, OS Type, Architecture,Domain and Language.
The help command displays meterpreter help menu with a list of commands which can be executed in meterpreter against the Target Windows XP machine.
Reference: Penetration Testing: A Hands-On Introduction to Hacking by Georgia Weidman.
Greets, I’m following your article, in 1st part we get access to Windows c:\windows\system32, but in 2nd article, you’re using meterpreter>, how can i change to meterpreter?
Thanks
You can upgrade a normal shell to a meterpreter shell by running “sessions -u {N}” where N is the session number of the normal shell. e.g. “sessions -u 1”
I have the same problem.
Use windows/meterpreter/reverse_tcp for the payload.