Metasploit

Last updated 3 months ago

Was this helpful?

Metasploit

installation

sudo apt install postgresql
sudo apt install metasploit-framework

Start

Description

Command

Update

sudo apt update && sudo apt install metasploit-framework msfupdate

Run

msfconsole msfconsole -q service postgresql start && msfconsole

Database

Description

Command

Initialization

msfdb init msfdb reinit

Check

db_status

Help

help database

Workspace

Description

Command

Help

workspace -h

Listing

workspace

Selecting

workspace <NAME>

New

workspace -a <NAME>

Delate workspace

workspace -d

Delete all workspace

workspace -D

Nmap

db_nmap <COMMAND_NMAP>

Display data <TYPE> -h

hosts services creds loot analyze vulns notes

route

Export

db_export -f xml

Import

db_import <FILE_SCAN_NESSUS.nessus> db_import <FILE_SCAN_NMAP.xml>

Command

Description

Command

Help

help <COMMAND >-h

Refresh

reload_all

Search modules

<type>/<os>/<service>/<name> Type: exploits, payloads, auxiliary, post, etc. search <STRING> search type:<TYPE> name:<STRING> [<KEYWORD>:<VALUE>]

Filter

grep <STRING1> grep <STRING2> <COMMAND>

Info module

info <N>

Select module

use <N>

Setting Options

show options set <VARIABLE> <VALUE> show advanced

Setting Payload

show payloads

set payload <N>

Setting Target

show targets set target <N>

Encoders

show encoders

Setting Global

setg <VARIABLE> <VALUE>

Run

check run exploit exploit -e <shikata_ga_nai>

Sessions

Description

Command

Help

sessions -h

Listing

sessions

Upgrade

sessions -u <ID>

Resume

sessions -i <ID>

sessions -k <ID>

Close all

sessions -K

Job

Description

Command

Help

jobs -h

Start exploit in jobs

exploit -j

Listing

jobs -l

jobs -k <ID>

Close all

jobs -K

Meterpreter

Description

Command

Help

help

<COMMAND> -h

Local command

l<COMMAND>

Modules

run <MODULES> post/multi/recon/local_exploit_suggester

Migrate

ps (explorer or lsas)

pgrep <NAME>

migrate <PID>

Background

background CTRL+Z

exit CTRL+C

To obtain it

exploit/multi/script/web_delivery exploit/windows/smb/smb_delivery or Exploits

Plugin

Add plugin in /usr/share/metasploit-framework/plugins

Description

Command

Upload

load <PLUGIN>

load db_autopwn db_autopwn

WMAP

load wmap

wmap_<TAB> wmap_<X> -h

load pentest

Non-Staged & Staged

Type

Description

Non-Staged

Single payload. es. windows/shell_bind_tcp

Staged

Two part. es. in windows/shell/bind_tcp

Last updated 3 months ago

Was this helpful?

installation

sudo apt install postgresql
sudo apt install metasploit-framework

Start

Description

Command

Update

sudo apt update && sudo apt install metasploit-framework msfupdate

Run

msfconsole msfconsole -q service postgresql start && msfconsole

Database

Description

Command

Initialization

msfdb init msfdb reinit

Check

db_status

Help

help database

Workspace

Description

Command

Help

workspace -h

Listing

workspace

Selecting

workspace <NAME>

New

workspace -a <NAME>

Delate workspace

workspace -d

Delete all workspace

workspace -D

Nmap

db_nmap <COMMAND_NMAP>

Display data <TYPE> -h

hosts services creds loot analyze vulns notes

route

Export

db_export -f xml

Import

db_import <FILE_SCAN_NESSUS.nessus> db_import <FILE_SCAN_NMAP.xml>

Command

Description

Command

Help

help <COMMAND >-h

Refresh

reload_all

Search modules

<type>/<os>/<service>/<name> Type: exploits, payloads, auxiliary, post, etc. search <STRING> search type:<TYPE> name:<STRING> [<KEYWORD>:<VALUE>]

Filter

grep <STRING1> grep <STRING2> <COMMAND>

Info module

info <N>

Select module

use <N>

Setting Options

show options set <VARIABLE> <VALUE> show advanced

Setting Payload

show payloads

set payload <N>

Setting Target

show targets set target <N>

Encoders

show encoders

Setting Global

setg <VARIABLE> <VALUE>

Run

check run exploit exploit -e <shikata_ga_nai>

Sessions

Description

Command

Help

sessions -h

Listing

sessions

Upgrade

sessions -u <ID>

Resume

sessions -i <ID>

sessions -k <ID>

Close all

sessions -K

Job

Description

Command

Help

jobs -h

Start exploit in jobs

exploit -j

Listing

jobs -l

jobs -k <ID>

Close all

jobs -K

Meterpreter

Description

Command

Help

help

<COMMAND> -h

Local command

l<COMMAND>

Modules

run <MODULES> post/multi/recon/local_exploit_suggester

Migrate

ps (explorer or lsas)

pgrep <NAME>

migrate <PID>

Background

background CTRL+Z

exit CTRL+C

To obtain it

exploit/multi/script/web_delivery exploit/windows/smb/smb_delivery or Exploits

Plugin

Add plugin in /usr/share/metasploit-framework/plugins

Description

Command

Upload

load <PLUGIN>

load db_autopwn db_autopwn

WMAP

load wmap

wmap_<TAB> wmap_<X> -h

load pentest

Non-Staged & Staged

Type

Description

Non-Staged

Single payload. es. windows/shell_bind_tcp

Staged

Two part. es. in windows/shell/bind_tcp