Now that we can access the target machine at our will, let us explore other commands that allow us to read, download navigate, and execute files.
The ‘pwd’ command helps to access the current working directory by bringing it to the C:\Users.
The ‘ls’ command will list all the directories and files.
The ‘passwords.txt’ command can read the content of the file containing passwords.
To download this file, use the ‘donwload’ command along with the filename.
The ‘execute’ command will execute the file on the target system.
The ‘shell’ command will convert the running Meterpreter/Metasploit session into an operating system shell.
Methods to Maintain access
When we use a normal backdoor if the target system restarts we will lose access to it. The process will be terminated and so will our connection to the target machine. To maintain access, we will use an undetectable backdoor (HTTP reverse Mterepreter) and then run it as a service. This will ensure that our Kali machine will try connecting it every ten seconds, no matter how many times it shuts down or restarts. Run Meterpreter handler, wait for the connection, and then run the ‘exploit’ command for listening. Within ten seconds, we will establish a connection and have access to the target machine.