Meterpreter is an advanced, stealthy, powerful and extensible post-exploitation tool that uses
in-memory DLL injection stagers and is extended over the network at runtime. It communicates
over the stager socket and provides a comprehensive client-side Ruby API.

Useful Meterpreter third-party scripts
Once you have successfully compromised a target, you can use the scripts below within a
Meterpreter shell to retrieve valuable information. To run one of them, enter
run followed by the name of the script, for example run winenum.

  • grab system information and the entire registry with the scraper script,
  • dump tokens, hashes and more with winenum,
  • enumerate system information through wmic using remotewinenum,
  • add entries to the Windows hosts file using hostsedit,
  • get the local subnet mask of the victim with the get_local_subnets script,
  • disable most antivirus programs running as a service with the killav script,
  • enable telnet with the gettelnet script,
  • enable RDP with the getgui script,
  • disable security measures such as antivirus, firewall, and more with getcountermeasure,
  • check whether the host you exploited is a virtual machine with checkvm.
