- transfer files to /tmp
- look for cleanup .rc scripts when uploading payloads (note location)
- to run .rc script -
- resource <path_to_rc> : run in meterpreter session
clearev(meterpreter command): clear event logs (stay away unless specified)- Negotiate what you can do: regedit? kernel-exploit?
history -c: to clear history in linuxcat /dev/null > ~/.bash_history: same as above