-1

Once I have a meterpreter shell on the machine, I opened a MS-DOS prompt with this command: 

execute -f cmd.exe -i -H

Then, I would like to edit a file with edit file_name, but I don't know how to save the file (normally you have to use the MS-DOS menu but there is no such thing in a meterpreter session).

Do you have any idea how I can achieve my goal?

schroeder
  • 123,438
  • 55
  • 284
  • 319
george
  • 33
  • 1
  • 1
  • 6
  • 2
    For the record: `cmd.exe` **IS NOT** a MS-DOS shell. MS-DOS was a 16-bit real-mode non-multi-tasking operating system that used a command-line shell called `command.com`. While `cmd.exe` shares much (*though not all*) of its syntax with `command.com` and as a consequence DOS `.bat` files will usually work on it, it is a 32-bit Windows binary that supports multi-tasking (and does not run on MS-DOS). If you're running `cmd.exe` then you are on Windows, not DOS, and *the title of your question is wrong*. – CBHacking Sep 26 '16 at 18:23

3 Answers3

2

It might be easier to not edit the file on the target box but on the attacking box, you can easily do this by the two meterpreter commands upload / download and a local editor of your choice.

kaidentity
  • 2,634
  • 13
  • 30
1

Check out meterpreter's edit command:

The ‘edit‘ command opens a file located on the target host. It uses the ‘vim’ so all the editor’s commands are available.

Please refer to the “vim” editor documentation for more advance [dic]use. http://www.vim.org/

This should be issued in the meterpreter shell, not the command shell (i.e. before you run execute).

schroeder
  • 123,438
  • 55
  • 284
  • 319
SilverlightFox
  • 33,408
  • 6
  • 67
  • 178
0

Depending on how much editing you need to do, you can use echo with output redirection (> to overwrite a file with your output, >> to append to a file) to edit a file. For example,

echo This line will replace the contents of this file > file1.txt
echo This line will be appended to the file's end >> file2.txt

If you need to do more fine-grained editing than that and you're on a modern Windows version, you can use powershell, which gives you a much more powerful scripting engine (although you will still need to script out the editing). If you were actually on DOS (you aren't!), or are on a 32-bit Windows version, you could use edlin. You do not want to use edlin.

Of course, since what you're actually trying to do is "edit a file via meterpreter", which has nothing to do with cmd.exe much less MS-DOS, you should just use meterpreter's edit command, as the other answers say.

CBHacking
  • 40,303
  • 3
  • 74
  • 98