meterpreter >
You’ll see that the exploit runs exactly the same as it did before. The only difference between these two exploit runs is the payload, which doesn’t impact the exploit at all. It only presents us with a different interface to the system. Meterpreter is a great interface that will give you quick and easy access to functions you wouldn’t get from just the command interpreter.
Using Meterpreter
Once we have our Meterpreter shell, we can start using it to gather information. We can download files. We can upload files. We can get file and process listings. I’ve mentioned before that Meterpreter is operating system agnostic. This means that the same set of commands will work no matter what operating system has been compromised. It also means that when you are looking at processes or file listings, you don’t need to know the specifics about the operating system or the operating system commands. Instead, you just need to know the Meterpreter commands.
Keep in mind that not all exploits will use the Meterpreter payload. More than that, not all exploits will be capable of using a Meterpreter payload. Everything in this section is relevant only when you are able to use a Meterpreter-based payload.
While exploiting and gaining access to systems is definitely a start, it’s not the end goal, or at least it isn’t commonly the end goal. After all, when you are performing security testing, you may be asked to see how far you can go, just as an attacker would. Meterpreter provides easy access to functions that will allow us to get deeper into the network by using a technique called pivoting. Pivoting can be accomplished with a post-exploitation module. Post-exploitation modules can also be used to gather a lot of details about the system and users.
One thing to note about the post-exploitation modules is that they are operating system specific. This is different from the Meterpreter commands themselves. Instead, the post-exploitation modules are Ruby scripts, just as the exploit and auxiliary scripts are. They get loaded and executed through the connection between your Kali system and the target system. A Windows system has gather, manage, and capture modules. Linux and macOS have only gather modules.