#readwise # Using the Metasploit Framework - Meterpreter  ## Metadata - Author: [[Hack The Box]] - Full Title: Using the Metasploit Framework - Meterpreter - URL: https://academy.hackthebox.com/module/39/section/414 ## Summary Meterpreter is a powerful tool that operates in the memory of a target system, making it hard to detect. It provides a range of commands for effective post-exploitation tasks and can be run on various operating systems. Meterpreter ensures secure communication through AES encryption and allows for easy extension of its features. It helps attackers gain control over a system and escalate privileges, making it a valuable asset in security assessments. ## Highlights The `Meterpreter` Payload is a specific type of multi-faceted, extensible Payload that uses `DLL injection` to ensure the connection to the victim host is stable and difficult to detect using simple checks and can be configured to be persistent across reboots or system changes. Furthermore, Meterpreter resides entirely in the memory of the remote host and leaves no traces on the hard drive, making it difficult to detect with conventional forensic techniques. ([View Highlight](https://read.readwise.io/read/01js2dq8e7a4a6mn37k0jmvn7d)) --- The purpose of Meterpreter is to specifically improve our post-exploitation procedures, offering us a hand-picked set of relevant tools for more straightforward enumeration of the target host from the inside. It can help us find various privilege escalation techniques, AV evasion techniques, further vulnerability research, provide persistent access, pivot, etc. ([View Highlight](https://read.readwise.io/read/01js2dqvf60pnrmxn9b26jm33z)) ---