Meterpreter is a tool that is packaged together with the metasploit framework. The features of meterpreter are:
1. Does not create any files on the harddisk, it resides in memory and attaches itself to a process.
2. client-server communication is in the form of type-length-value (TLV) format.
3. client-server communication between attacker machine and victim machine is encrypted.
4. It provides a platform to write extensions.
How it works
Step 1: Apply exploit and 1st stage payload (such as reverse tcp binding) to the victim machine.
Step 2: Victim machine connects (using reverse tcp binding) back to attacker’s machine.
Step 3: Meterpreter on the attacker’s machine sends the 2nd stage payload that does DLL injection.
Step 4: Meterpreter on the attacker machine sends server DLL to the victim machine.
Step 5: Client-server communication establishes.
For a list of meterpreter commands use help or ?.
For some reason the keyscan_dump was not working….Meterpreter can do keylogging.