Typing help on any Meterpreter session (shown by meterpreter> at the prompt) will list all available commands.
meterpreter > help
Core Commands
=============
Command Description
------- -----------
? Help menu
background Backgrounds the current session
bg Alias for background
bgkill Kills a background meterpreter script
bglist Lists running background scripts
bgrun Executes a meterpreter script as a background thread
channel Displays information or control active channels
close Closes a channel[...]Meterpreter will provide you with three primary categories of tools;
- Built-in commands
- Meterpreter tools
- Meterpreter scripting
If you run the help command, you will see Meterpreter commands are listed under different categories.
- Core commands
- File system commands
- Networking commands
- System commands
- User interface commands
- Webcam commands
- Audio output commands
- Elevate commands
- Password database commands
- Timestomp commands
Please note that the list above was taken from the output of the help command on the Windows version of Meterpreter (windows/x64/meterpreter/reverse_tcp). These will be different for other Meterpreter versions.
Core commands will be helpful to navigate and interact with the target system. Below are some of the most commonly used. Remember to check all available commands running the help command once a Meterpreter session has started.
Core commands
background: Backgrounds the current session (Ctrl + Z)exit: Terminate the Meterpreter sessionguid: Get the session GUID (Globally Unique Identifier)help: Displays the help menuinfo: Displays information about a Post moduleirb: Opens an interactive Ruby shell on the current sessionload: Loads one or more Meterpreter extensionsmigrate: Allows you to migrate Meterpreter to another processrun: Executes a Meterpreter script or Post modulesessions: Quickly switch to another session
File system commands
cd: Will change directoryls: Will list files in the current directory (dir will also work)pwd: Prints the current working directoryedit: will allow you to edit a filecat: Will show the contents of a file to the screenrm: Will delete the specified filesearch: Will search for filesupload: Will upload a file or directorydownload: Will download a file or directory
Networking commands
arp: Displays the host ARP (Address Resolution Protocol) cacheifconfig: Displays network interfaces available on the target systemnetstat: Displays the network connectionsportfwd: Forwards a local port to a remote serviceroute: Allows you to view and modify the routing table
System commands
clearev: Clears the event logsexecute: Executes a commandgetpid: Shows the current process identifiergetuid: Shows the user that Meterpreter is running askill: Terminates a processpkill: Terminates processes by nameps: Lists running processesreboot: Reboots the remote computershell: Drops into a system command shellshutdown: Shuts down the remote computersysinfo: Gets information about the remote system, such as OS
Others Commands (these will be listed under different menu categories in the help menu)
idletime: Returns the number of seconds the remote user has been idlekeyscan_dump: Dumps the keystroke bufferkeyscan_start: Starts capturing keystrokeskeyscan_stop: Stops capturing keystrokesscreenshare: Allows you to watch the remote user's desktop in real timescreenshot: Grabs a screenshot of the interactive desktoprecord_mic: Records audio from the default microphone for X secondswebcam_chat: Starts a video chatwebcam_list: Lists webcamswebcam_snap: Takes a snapshot from the specified webcamwebcam_stream: Plays a video stream from the specified webcamgetsystem: Attempts to elevate your privilege to that of local systemhashdump: Dumps the contents of the SAM database
Although all these commands may seem available under the help menu, they may not all work. For example, the target system might not have a webcam, or it can be running on a virtual machine without a proper desktop environment.