Meterpreter Post-Exploitation Cheatsheet
To run any Metasploit module within a Meterpreter session, use the following command. Take the module's options into account when executing it.
- Running Metasploit modules within a Meterpreter session
meterpreter > run <path/to/module> <ARGS>=<Value>
- Example
meterpreter > run auxiliary/scanner/portscan/tcp RHOSTS=192.168.0.0/24 PORTS=1-65535 VERBOSE=true
- Locate Windows Post-Exploitation Enumeration & Discovery Modules
- Windows Discovery
msf6> search post/windows/gather
- Windows Enumeration
msf6> search post/windows/recon
- Relevant Scanners
msf6> search auxiliary/scanner/portscan
msf6> search auxiliary/scanner/ftp
- Locate Windows Post-Exploitation Session Management Modules
msf6> search post/windows/manage
- Locate Windows Post-Exploitation Escalation Modules
msf6> search post/windows/escalate
- Locate system-agnostic Post-Exploitation modules
msf6> search post/multi/
- Recon
msf6> search post/multi/recon
- Session Management
msf6> search post/multi/manage