{"id":5168,"date":"2019-03-26T14:49:00","date_gmt":"2019-03-26T09:19:00","guid":{"rendered":"https:\/\/www.getastra.com\/blog\/cms\/meterpreter-commands-post-exploitation\/"},"modified":"2025-09-03T17:16:52","modified_gmt":"2025-09-03T11:46:52","slug":"meterpreter-commands-post-exploitation","status":"publish","type":"post","link":"https:\/\/www.getastra.com\/blog\/security-audit\/meterpreter-commands-post-exploitation\/","title":{"rendered":"Meterpreter Commands – Post Exploitation"},"content":{"rendered":"\n

This is a continuation of our previous article<\/a> where we got meterpreter access of our victim Windows XP machine. In this article, we will look at some of the top meterpreter command <\/strong>available in meterpreter which will help us in performing the Post Exploitation with the maximum ease.<\/p>\n\n\n\n

<\/span>1. Meterpreter Commands: Upload <\/strong>Meterpreter Command<\/span><\/h2>\n\n\n\n

The Upload command allows us to upload files from attacker kali machine to victim Windows XP machine as shown below:<\/p>\n\n\n\n

\"\"\/<\/figure><\/div>\n\n\n\n

<\/span>2. Meterpreter Commands:<\/strong> Getuid<\/strong> Meterpreter Command<\/span><\/h2>\n\n\n\n

The Getuid command gives us information about the currently logged-in user. This information is useful in privilege escalation as it will help us in determining the privileges the Meterpreter session is running currently, based on the exploited process\/user.<\/p>\n\n\n\n

\"\"\/<\/figure><\/div>\n\n\n\n

<\/span>3. Meterpreter Commands:<\/strong> PS <\/strong>Meterpreter Command<\/span><\/h2>\n\n\n\n

The PS command is used to view a list of running processes in victim Windows XP machine as shown below:<\/p>\n\n\n\n

\"\"\/<\/figure><\/div>\n\n\n\n

<\/span>4. Meterpreter Commands:<\/strong> Migrate<\/strong> Meterpreter Command <\/span><\/h2>\n\n\n\n

The Migrate command allows our meterpreter session to migrate between any of the currently running processes in victim machine, this command is useful when we feel that the process in which we originally have meterpreter session may not be open for a long time or it is unstable. we can know all possible options available for migrate command by entering run migrate -h <\/strong>as shown below:<\/p>\n\n\n\n

\"\"\/<\/figure><\/div>\n\n\n\n

Now we will migrate to a more stable process, let us say, explorer.exe by using migrate command (run migrate -p 1512<\/strong>) as shown below:<\/p>\n\n\n\n

\"\"\/<\/figure><\/div>\n\n\n\n

<\/span>5. Meterpreter Commands:<\/strong> Getsystem <\/strong>Meterpreter Command<\/span><\/h2>\n\n\n\n

The Getsystem command will make meterpreter try a group of well known local privilege escalation exploits against the target and you will find that we have successfully elevated privileges to that of the local system as shown below:<\/p>\n\n\n\n

\"\"\/<\/figure><\/div>\n\n\n\n

<\/span>6. Meterpreter Commands:<\/strong> Hashdump<\/strong> Meterpreter Command<\/span><\/h2>\n\n\n\n

The Hashdump command helps us to retrieve the password hashes from the victim Windows XP machine as shown below:<\/p>\n\n\n\n

\"\"\/<\/figure><\/div>\n\n\n\n

<\/span>7. Meterpreter Commands:<\/strong> Shell<\/strong> Meterpreter Command<\/span><\/h2>\n\n\n\n

The Shell command gives us a standard shell on the Windows XP Target as shown below:<\/p>\n\n\n\n

\"\"\/<\/figure><\/div>\n\n\n\n

<\/span>8. Meterpreter Commands:<\/strong> The search<\/strong> Meterpreter Command<\/span><\/h2>\n\n\n\n

The search command is used to search for specific files on the Windows XP victim machine. The command can search through the entire system or in specific folders as shown below:<\/p>\n\n\n\n

\"\"\/<\/figure><\/div>\n\n\n\n

<\/span>9. Meterpreter Commands:<\/strong> The clearev <\/strong>Meterpreter Command<\/span><\/h2>\n\n\n\n

The clearev command can be used to clear all the System, Application and Security logs from victim Windows XP machine as shown below:<\/p>\n\n\n\n

\"\"\/<\/figure><\/div>\n\n\n\n

<\/span>10. Meterpreter Commands:<\/strong> Sysinfo<\/strong> Meterpreter Command<\/span><\/h2>\n\n\n\n

The Sysinfo Meterpreter command displays the information about the victim exploited Windows XP machine like Name, OS Type, Architecture,Domain and Language.<\/p>\n\n\n\n

\"\"\/<\/figure><\/div>\n\n\n\n

The help<\/strong> command displays meterpreter help menu with a list of commands which can be executed in meterpreter against the Target Windows XP machine.<\/p>\n\n\n\n

Reference:<\/strong> Penetration Testing: A Hands-On Introduction to Hacking by Georgia Weidman.<\/p>\n\n\n\n