M E T E R P R E T E R
In this chapter, we’ll dive deeper into this “hacker’s
Swiss army knife” that can significantly improve your
post exploitation experience. Meterpreter is one of
the flagship products in Metasploit and is leveraged as
a payload after a vulnerability is exploited. A
payload
is
the information returned to us when we trigger an
exploit. For example, when we exploit a weakness in a Remote Procedure
Call (RPC), trigger the exploit, and select Meterpreter as the payload, we
would be given a Meterpreter shell to the system. Meterpreter is an extension
of the Metasploit Framework that allows us to leverage Metasploit’s function-
ality and further compromise our target. Some of this functionality includes
ways to cover your tracks, reside purely in memory, dump hashes, access
operating systems, pivot, and much more.
In this chapter, we’ll leverage normal attack methods within Metasploit
to compromise a Windows XP machine. Our payload, Meterpreter, will allow
us to perform additional attacks after we’ve compromised the system.