
BEST METERPRETER COMMANDS



How to Hack: Ultimate Metasploit Meterpreter Command 


Many of you have probably heard about the Metasploit Meterpreter shell. A number of you have probably even used it. But some of you are probably wondering, “What are all the commands for Meterpreter?” Well, here we have a comprehensive list of all the different commands you can use within Metasploit Meterpreter. You may want to print this out or bookmark it for future reference.



Step 1: Core Commands
At its most basic, meterpreter is a Linux terminal on the victim’s computer. As such, many of our basic Linux commands can be used on the meterpreter even if it’s on Windows or another operating system.

Here are some of the core commands we can use on the meterpreter.

? - help menu

background - moves the current session to the background

bgkill - kills a background meterpreter script

bglist - provides a list of all running background scripts

bgrun - runs a script as a background thread

channel - displays active channels

close - closes a channel

exit - terminates a meterpreter session

help - help menu

interact - interacts with a channel

irb - go into Ruby scripting mode

migrate - moves the active process to a designated PID

quit - terminates the meterpreter session

read - reads the data from a channel

run - executes the meterpreter script designated after it

use - loads a meterpreter extension

write - writes data to a channel

Step 2: File System Commands

cat - read and output to stdout the contents of a file

cd - change directory on the victim

del - delete a file on the victim

download - download a file from the victim system to the attacker system

edit - edit a file with vim

getlwd - print the local directory

getwd - print working directory

lcd - change local directory

lpwd - print local directory

ls - list files in current directory

mkdir - make a directory on the victim system

pwd - print working directory


rm - delete a file

rmdir - remove directory on the victim system

upload - upload a file from the attacker system to the victim

Step 3: Networking Commands

ipconfig - displays network interfaces with key information including IP address, etc.

portfwd - forwards a port on the victim system to a remote service

route - view or modify the victim routing table

Step 4: System Commands

clearev - clears the event logs on the victim’s computer

drop_token - drops a stolen token

execute - executes a command

getpid - gets the current process ID (PID)

getprivs - gets as many privileges as possible

getuid - get the user that the server is running as

kill - terminate the process designated by the PID

ps - list running processes

reboot - reboots the victim computer

reg - interact with the victim’s registry

rev2self - calls RevertToSelf() on the victim machine

shell - opens a command shell on the victim machine

shutdown - shuts down the victim’s computer

steal_token - attempts to steal the token of a specified (PID) process

sysinfo - gets the details about the victim computer such as OS and name

Step 5: User Interface Commands

enumdesktops - lists all accessible desktops

getdesktop - get the current meterpreter desktop

idletime - checks how long the victim system has been idle

keyscan_dump - dumps the contents of the software keylogger

keyscan_start - starts the software keylogger when associated with a process such as Word or browser

keyscan_stop - stops the software keylogger

screenshot - grabs a screenshot of the meterpreter desktop

setdesktop - changes the meterpreter desktop

uictl - enables control of some of the user interface components

Step 6: Privilege Escalation Commands

getsystem - uses 15 built-in methods to gain sysadmin privileges

Step 7: Password Dump Commands
hashdump - grabs the hashes in the password (SAM) file
Note that hashdump will often trip AV software, but there are now two scripts that are more stealthy, “run hashdump” and “run smart_hashdump”. Look for more on those on my upcoming meterpreter script cheat sheet.

Step 8: Timestomp Commands
timestomp - manipulates the modify, access, and create attributes of a file
Stay Tuned for More Meterpreter Tips
