What is the meaning of "meterpreter session"? My understanding is it is a session that we can send commands to the host for execution. And a meterpreter session is created when we don't get a shell.
-
Thank u all, what u are saying is meterpreter is program that gives us the OS shell and also allows us to execute metasploit post exploitation modules on the target, Right! – ranjit silent May 04 '21 at 09:30
2 Answers
And a meterpreter session is created when we don't get a shell.
This is wrong. When you use Metasploit, you choose the exploit you wish to use, and often times the payload you wish to execute. This payload could be a specific action on the target OS (e.g. create a new user, delete a file, etc...), an OS shell or a Meterpreter shell.
What's the difference between Meterpreter and an OS shell?
Meterpreter is a program that's supposed to make post-exploitation a lot easier. It allows you to manage your initial session on the target machine, such as migrating into an existing process, or killing AV, if that's a problem.
Best of all, it allows you to load other post-exploitation modules, such as Mimikatz, which can be used to dump credentials or perform further attack.
And finally, Meterpreter can also act as a regular OS shell. So for all intents and purposes, Meterpreter sessions are preferable.
-
That means a meterpreter shell can allow us to load modules from metasploit to the target machine, meterpreter also acts like a shell, modules loader etc – ranjit silent May 04 '21 at 12:44
-
-
Since I got my answer, Is there any option to close this or shall I leave this question like this only – ranjit silent May 04 '21 at 16:48
-
@ranjitsilent Please click the checkmark below the answer you believe to be the one to answer your question sufficiently. This marks your question as answered. – May 04 '21 at 23:54