Metasploit is a security project
or we can say a framework provided to us in order to run exploit code in the
target’s PC.
Metasploit in current scenario
includes more than 1600 exploits. It has more than 420 payloads right now which
includes command shell, Meterpreter etc.
Meterpreter is generated only
when the session is created. It helps in gaining full access of the target
machine.
Once the meterpreter is generated
we can have full access of the target machine. Meterpreter includes more than
300 commands which can help us in exploiting the target machine. Help command
is the most basic meterpreter command which will provide us all the commands
which can be performed on the target machine.
Some of the meterpreter commands are given below:
Sysinfo
This command will provide the
system’s information of the victim. It will provide us every detail of the
victim’s PC such as architecture, Operating system in the target machine, how
many users are logged in into that machine, system’s language.
Getuid
This command will provide the identification of the user of
the remote PC.
Getprivs
This command check the privilege
present in the remote PC. If the enabled process privileges are less than the
current working user is not the admin.
Pwd
Pwd stands for present working directory. It
shows the current working directory in the remote PC.
The image above clearly shows that the user is currently in
the Downloads.
PS
PS command here stands for process. It will show all the
running processes in the remote PC.
The image above is providing all the running processes
followed by the process id in the victim’s PC.
Keylogger
Keylogger includes 3 basic functions:
keyscan_start
This command will start scanning the keyboard activity of
the remote PC.
keyscan_dump
This command will dump the keyboard activity of the remote
PC i.e,it will capture the input and display on our screen .
keyscan_stop
This command will stop scanning the keyboard activity of the
remote PC.
As we can clearly see in the above given image that the
input given by the victim is visible to us.
Show_mount
This command will show all the
drives present in the remote PC. The drives with the
total size and available size in target’s PC is displayed below.
Screenshot
By using this command screenshot
of the remote PC is captured and is saved in our PC. The path is also provided
where the screenshot is saved as shown in the image below.
Upload
By using this command we can upload any file into the
victim’s PC.
To upload the file in remote PC
we have to provide the path of the file with the filename and extension of the
file as well as the destination where we want to upload.
Download
By using this command we can download any file from the victim’s
PC.
To download the file we have to
first provide the path from where we want to download followed by the file name
and extension of the file. In the last we have to add the path where we want to
save that downloaded file.
Shell
Shell command will provide us the
access of the command prompt of the remote PC. After having access of the
command prompt we can use any cmd command to exploit victim’s PC.
Getsid
In this command sid stands for
security identifier. This command will provide the server sid.
Ipconfig
This command will tell us the IP Address
of the remote PC. We will also be able to know the Mac Address of the remote
PC.
Background
This command will send the
current active meterpreter session to the background. If you want to go back on
the previous session just write sessions and then we will be able to see the
active session in our PC. If there is more than one session then we only have
to write sessions followed by the session id and we will have the access of
that machine whose session id we just selected.
Migrate
This command helps in transferring the current going process
from one port to another port.
As you can see in the image above
we have transferred the current going process from port no 3872 to port no 2224.
Reboot
This command will reboot the remote PC.
Webcam_snap
This command will take a snap of the remote PC.
As you can see the above given image is the snap taken by
the remote PC.
Getpid
This command will provide us the
process id of the current running process. The current running process in the
target machine has process id 9040 which is displayed in the below provided
image.
Localtime
This command will just show us the date and time of the
remote PC.
Checksum
This command will provide the hash value of the given file.
We just have to write the command followed by the name of the file as well as
the extension of it. Hash value is basically the value distinctly generated for
every file to maintain the integrity of the file. If there is any kind of
modification in the file the hash value is changed even if there is a
modification of a single character.
The above given image provides the hash value of the file
kJMKzE.
Thank You for reading this
article. We will be discussing about
more meterpreter commands in the next article.
0 comments:
Post a Comment