Metasploit has a payload component called Meterpreter that is injected inside a running process and offers a command environment to the attacker. This avoids starting a new process and keeps the activity inside memory without needing to write to the hard drive. The meterpreter payload can launch a command prompt session for you on the victim system but you can also perform many tasks from within meterpreter without taking the risk of being noticed. You can dump password hashes and upload or download files. You can execute programs and can migrate the meterpreter presence from one running process into a different process.

Leave a Reply

You must be logged in to post a comment.