Advanced post exploitation with Metasploit

In this section, we will use the information gathered from basic commands to achieve further success and access levels on the target.

Migrating to safer processes

As we saw in the previous section, our meterpreter session was loaded from a temporary file. However, if a user of a target system finds the process unusual, they can kill the process, which will kick us out of the system. Therefore, it is a good practice to migrate to a safer process, such as explorer.exe or svchost.exe, which evades the eyes of the victim, by using the migrate command. We can use the ps command to figure out the PID of the process we want to jump to, as shown in the following screen:

We can see that the PID of explorer.exe ...

Get Mastering Metasploit now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Mastering Metasploit by Nipun Jaswal

Advanced post exploitation with Metasploit

Migrating to safer processes

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly