https://lms.onnocenter.or.id/wiki/index.php?action=history&feed=atom&title=MSF%3A_meterpreter_commandMSF: meterpreter command - Revision history2026-04-20T15:59:39ZRevision history for this page on the wikiMediaWiki 1.45.1https://lms.onnocenter.or.id/wiki/index.php?title=MSF:_meterpreter_command&diff=52984&oldid=prevOnnowpurbo: Created page with "Sumber: https://null-byte.wonderhowto.com/how-to/hack-like-pro-ultimate-command-cheat-sheet-for-metasploits-meterpreter-0149146/ Step 1Core Commands At its most basic use, m..."2018-12-07T22:21:18Z<p>Created page with "Sumber: https://null-byte.wonderhowto.com/how-to/hack-like-pro-ultimate-command-cheat-sheet-for-metasploits-meterpreter-0149146/ Step 1Core Commands At its most basic use, m..."</p>
<p><b>New page</b></p><div>Sumber: https://null-byte.wonderhowto.com/how-to/hack-like-pro-ultimate-command-cheat-sheet-for-metasploits-meterpreter-0149146/<br />
<br />
Step 1Core Commands<br />
<br />
At its most basic use, meterpreter is a Linux terminal on the victim's computer. As such, many of our basic Linux commands can be used on the meterpreter even if it's on a Windows or other operating system.<br />
<br />
Here are some of the core commands we can use on the meterpreter.<br />
<br />
? - help menu<br />
background - moves the current session to the background<br />
bgkill - kills a background meterpreter script<br />
bglist - provides a list of all running background scripts<br />
bgrun - runs a script as a background thread<br />
channel - displays active channels<br />
close - closes a channel<br />
exit - terminates a meterpreter session<br />
help - help menu<br />
interact - interacts with a channel<br />
irb - go into Ruby scripting mode<br />
migrate - moves the active process to a designated PID<br />
quit - terminates the meterpreter session<br />
read - reads the data from a channel<br />
run - executes the meterpreter script designated after it<br />
use - loads a meterpreter extension<br />
write - writes data to a channel<br />
<br />
Step 2File System Commands<br />
<br />
cat - read and output to stdout the contents of a file<br />
cd - change directory on the victim<br />
del - delete a file on the victim<br />
download - download a file from the victim system to the attacker system<br />
edit - edit a file with vim<br />
getlwd - print the local directory<br />
getwd - print working directory<br />
lcd - change local directory<br />
lpwd - print local directory<br />
ls - list files in current directory<br />
mkdir - make a directory on the victim system<br />
pwd - print working directory<br />
rm - delete a file<br />
rmdir - remove directory on the victim system<br />
upload - upload a file from the attacker system to the victim<br />
<br />
Step 3Networking Commands<br />
<br />
ipconfig - displays network interfaces with key information including IP address, etc.<br />
portfwd - forwards a port on the victim system to a remote service<br />
route - view or modify the victim routing table<br />
<br />
Step 4System Commands<br />
<br />
clearav - clears the event logs on the victim's computer<br />
drop_token - drops a stolen token<br />
execute - executes a command<br />
getpid - gets the current process ID (PID)<br />
getprivs - gets as many privileges as possible<br />
getuid - get the user that the server is running as<br />
kill - terminate the process designated by the PID<br />
ps - list running processes<br />
reboot - reboots the victim computer<br />
reg - interact with the victim's registry<br />
rev2self - calls RevertToSelf() on the victim machine<br />
shell - opens a command shell on the victim machine<br />
shutdown - shuts down the victim's computer<br />
steal_token - attempts to steal the token of a specified (PID) process<br />
sysinfo - gets the details about the victim computer such as OS and name<br />
<br />
Step 5User Interface Commands<br />
<br />
enumdesktops - lists all accessible desktops<br />
getdesktop - get the current meterpreter desktop<br />
idletime - checks to see how long since the victim system has been idle<br />
keyscan_dump - dumps the contents of the software keylogger<br />
keyscan_start - starts the software keylogger when associated with a process such as Word or browser<br />
keyscan_stop - stops the software keylogger<br />
screenshot - grabs a screenshot of the meterpreter desktop<br />
set_desktop - changes the meterpreter desktop<br />
uictl - enables control of some of the user interface components<br />
<br />
Step 6Privilege Escalation Commands<br />
<br />
getsystem - uses 15 built-in methods to gain sysadmin privileges<br />
<br />
Step 7Password Dump Commands<br />
<br />
hashdump - grabs the hashes in the password (SAM) file<br />
<br />
Note that hashdump will often trip AV software, but there are now two scripts that are more stealthy, "run hashdump" and "run smart_hashdump". Look for more on those on my upcoming meterpreter script cheat sheet.<br />
Step 8Timestomp Commands<br />
<br />
timestomp - manipulates the modify, access, and create attributes of a file<br />
<br />
<br />
<br />
<br />
<br />
==Referensi==<br />
<br />
* https://null-byte.wonderhowto.com/how-to/hack-like-pro-ultimate-command-cheat-sheet-for-metasploits-meterpreter-0149146/<br />
<br />
<br />
==Pranala Menarik==<br />
<br />
* [[Metasploit]]</div>Onnowpurbo