Sessions Command in Metasploit

Today we are going to learn about the session’s command of the Metasploit Framework.  Sessions command basically helps us to interact and manipulate with the various sessions created through the exploits while hacking. Sessions command is usually just used to get into the session but it is far more useful than just that. Sessions command can run a single command on multiple sessions, and also upgrade a normal shell to meterpreter.  

Requirement

Attacker: Kali Linux

Targets: Any operating system

Open Kali Linux terminal and type msfconsole in order to load Metasploit framework.  Now you need to compromise victim’s machine once to achieve any type of session either metrepreter or shell and to do so you can read our previous article from here.

So once you have obtained victim’s machine session you can perform many operations in the victim’s system for retrieving important information.  Using help command we can check the list of options that we can use with session command.

From given below image you can observe that it had shown many options which will be quite useful for system enumeration

Run a command in multiple sessions

We can run multiple OS arbitrary commands of on multiple meterpreter session using the sessions command.

Syntax: sessions -c [command] -i [Session id]

As you can see in the screenshot provided below that the hostname command ran on the sessions 1, 2 and 3 giving us Hostnames of the respectable Systems.

Sessions ID Victim’s IP Hostname
1 192.168.1.107 Pc21-PC
2 192.168.1.114 Pavan
3 192.168.1.113 PD-Laptop

Get Detailed Information about Sessions

Use verbose option for obtaining complete detail of session, it described the type of session achieve i.e. meterpreter or shell; inform target system hostname and etc.

From given below image you can observe that output result using the verbose option with session command.

Run a Script or a Module in Multiple Sessions

Syntax: sessions -s [script-name]

As you can see in the screenshot provided above that the winenum script ran on the sessions 4, 5 and 6 enumerating data from the respectable Systems and save the output result into text files in a pavan17.1611 folder.

Explore above highlighted path ./root/.msf4/logs/scripts/winenum/pavan to obtain the output result of the text file and from given below image you can observe that it showing all text files which has contain the output result of the above-executed command. 

From given below image you can read the information stored inside the ipconfig__all.txt file for network configuration.

Assign Name to Sessions

We can name the sessions anything we want so as to differentiate between the sessions. To Name, a session uses the following command.

Syntax: sessions -n [Name] -i [Session ID]

From given below image you can observe we have successfully named Session 1 as ‘Yondu’; here session ID 1 denotes yondu as session Name.

Kill a Particular Session

If we want to close a particular session, we can do so using Kill option with the particular session ID in the sessions command.

Syntax: sessions -k [Session ID]

As you can see in the given screenshot that we have closed session 3 using the sessions command.

Kill All Session

If we want to close all the sessions, we can do so using Kill option without editing any session ID in the sessions command.

As you can see in the given screenshot that we have closed all the sessions using the sessions command.

Upgrading a Shell to Meterpreter

Many times while hacking through direct exploits we get to the shell of the remote system but due to such vast usability of the Meterpreter command, we need to get the meterpreter shell. We can upgrade a normal shell to meterpreter shell using the sessions command

Firstly let’s gain a shell; here I am using the direct exploit as shown in the given screenshot which when executed gives us the shell of the server.

You can clearly see that we have a Linux shell at session #1. Now let’s upgrade this shell to meterpreter Shell.

Firstly press “Ctrl+z” to send this shell in the background, then use upgrade option with session ID as shown in the following Sessions Command.

As you can see in the image that the meterpreter shell is opened in session #2.

 Author: Pavandeep Singh is a Technical Writer, Researcher and Penetration Tester Contact here

1 Comment Sessions Command in Metasploit

  1. sm

    how to start multiple sessions at one time ? because the exploit command in previous article enters into session at a time

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *