API and Extensions
Meterpreter extensions are located in metasploit-framework/lib/rex/post/meterpreter. It's highly recommended to browse and open the files to understand the code and its style.
Extension ClientCore : core
Path
metasploit-framework/lib/rex/post/meterpreter/client_core.rb
The use method is used to load Meterpreter extensions; it is the same method used in the Meterpreter console (e.g. use sniffer, use mimikatz, etc.).
Note: to list all loadable extensions in the Meterpreter console, use the use -l command.
From the Meterpreter IRB console, let's try to use the sniffer extension
As you can see, it returns nil because the sniffer extension hasn't been loaded yet.
Let's try to load the extension
As you can see, it returns nil because the use method is available in the core extension, not in the meterpreter client instance.
To load extension:
load sniffer
To check all sniffer extension methods, go to metasploit-framework/lib/rex/post/meterpreter/extensions/sniffer/sniffer.rb
Also, from IRB, get all methods as we already know how to do
which returns an array of all available methods
Getting available interfaces:
sniffer_interfaces
which returns an array of hashes
Extension Stdapi::Fs : fs
Path
metasploit-framework/lib/rex/post/meterpreter/extensions/stdapi/stdapi.rb
metasploit-framework/lib/rex/post/meterpreter/extensions/stdapi/fs
Dir class: dir.rb
One of the extensions available for fs is Dir, located in metasploit-framework/lib/rex/post/meterpreter/extensions/stdapi/fs/dir.rb. Let's use some of its methods, which we can find from client.fs.dir.methods or from the source code.
Get current directory:
pwd
List all files and directories in the current directory:
ls
Change the current directory:
cd
Create a new directory:
mkdir
File class: file.rb
To explore the File class, let's begin with a simple search. Try to download files.
Search
Extension Stdapi::Fs : sys
Path
metasploit-framework/lib/rex/post/meterpreter/extensions/stdapi/stdapi.rb
metasploit-framework/lib/rex/post/meterpreter/extensions/stdapi/sys
Config class: config.rb
Get User ID:
getuid
Get system information:
Check if the current process is running as the SYSTEM user:
Enable all possible privileges:
getpriv
Process class: process.rb
Get the current Process ID:
getpid
Get all existing processes with their details (pid, ppid, name, path, session, user, arch):
ps
Extension Stdapi::Fs : net
Path
metasploit-framework/lib/rex/post/meterpreter/extensions/stdapi/stdapi.rb
metasploit-framework/lib/rex/post/meterpreter/extensions/stdapi/net
Get the current victim interfaces:
ifconfig
or ipconfig
Get network stat:
netstat
Get the ARP table:
arp
Routes:
route
Get Proxy settings:
getproxy
As you can see, it's easy to get familiar with the Meterpreter API. There are other extensions you can play with.
You can add more about those too in Rubyfu!