Meterpreter Useful Top 60 Commands List – 2017 Update

Meterpreter is an advanced, dynamically extensible payload that uses in-memory DLL injection stagers and is extended over the network at runtime. It communicates over the stager socket and provides a comprehensive client-side Ruby API.

How Meterpreter Works

  • The target executes the initial stager. This is usually one of bind, reverse, findtag, passivex, etc.
  • The stager loads the DLL prefixed with Reflective. The Reflective stub handles the loading/injection of the DLL.
  • The Metepreter core initializes, establishes a TLS/1.0 link over the socket and sends a GET. Metasploit receives this GET and configures the client.
  • Lastly, Meterpreter loads extensions. It will always load stdapi and will load priv if the module gives administrative rights. All of these extensions are loaded over TLS/1.0 using a TLV protocol.

Here we’re listing out some useful commands of meterpreter as follows:

  1. Background the current session – background
  2. Kill a background meterpreter session – bgkill
  3. Displays info about active channels – channel
  4. Close a channel – close
  5. Disables encoding of unicode strings – disable_unicode_encoding
  6. Enable encoding of unicode strings – enable_unicode_encoding
  7. Exit meterpreter shell – exit
  8. Display info about active post module – info
  9. Interact with a channel – interact
  10. Drop into irb scripting mode – irb
  11. Load one or more meterpreter extensions – load
  12. Migrate the server to another – migrate
  13. Terminate the meterpreter sessions – quit
  14. Reads data from a channel – read
  15. Run the commands stored in a file – resource
  16. Executes a meterpreter script or post module – run
  17. Write data to a channel – write
  18. Read the contents of a file to the screen – cat
  19. Change directory – cd
  20. Download file to your system – download
  21. Edit a file – edit
  22. Print local working directory – getlwd
  23. Print working directory – getwd
  24. Change local working directory – lcd
  25. Print local working directory – lpwd
  26. List files – ls
  27. Make directory – mkdir
  28. Print working directory – pwd
  29. Delete the speficied file – rm
  30. Remove directory – rmdir
  31. Search for files – search
  32. Upload file to target – upload
  33. Get the current meterpreter desktop – getdesktop
  34. Display the amoung of time the user has been idle – idletime
  35. Start capturing keystrokes – keyscan_start
  36. Stop capturing keystrokes – keyscan_stop
  37. Dump the keystroke buffer – keyscan_dump
  38. Screenshot of the GUI – screenshot
  39. Change the meterpreters current desktop – setdesktop
  40. Control some of the user interface components – uictl
  41. List webcams – webcam_list
  42. Take a snapshot from the specified webcam – webcam_snap
  43. Attempt to elevate your priviledge to that of local system – getsystem
  44. Dumps the contents of the SAM database – hashdump
  45. Manipulate MACE attributes – timestop
  46. Clear the event log – clearev
  47. Relinquishes any active impersonation token – drop_token
  48. Execute a command – execute
  49. Get the current process identifier – getpid
  50. Attempt to enable all privileges available to the current process – getprivs
  51. Get the user that the server is running as – getuid
  52. Terminate a process – kill
  53. List running processes – ps
  54. Reboots the remote computer – reboot
  55. Interact with remote registry – reg
  56. Calls RevertToSelf() on the remote machine – rev2self
  57. Drop into a system command shell – shell
  58. Shuts down the remote computer – shutdown
  59. Attempt to steal an Impersonation token from the process – steal_token
  60. Gets information about the remote system – sysinfo

Step by step hacking tutorials about wireless cracking, kali linux, metasploit, ethical hacking, seo tips and tricks, malware analysis and scanning.


Leave a Reply

Your email address will not be published. Required fields are marked *

1 × 4 =