Upgrading Your Command Shell to Meterpreter
One of the newer features in the Metasploit Framework is its ability to upgrade a command shell payload to a Meterpreter payload once the system has been exploited, by issuing the sessions -u
command. This is useful if we use a command shell payload as an initial stager and then find that this newly exploited system would make the perfect launching pad for further attacks into the network. Let’s look at a quick example from start to finish using MS08-067 with a reverse command shell as the payload, and upgrade it to a Meterpreter shell.
root@bt:/opt/framework3/msf3#msfconsole
msf >search ms08_067
[*] Searching loaded modules for pattern 'ms08_067'... Exploits ======== Name Rank Description ---- ---- ...
Get Metasploit now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.