1. msfconsole
?: help menu
back: return from the current context
banner: display an MSF banner
cd: change directory
color: toggle color
connect: connect to a host
exit: exit MSF
help: help menu
info: display information about one or more modules
irb: enter irb scripting mode
jobs: display and manage jobs
kill: kill a job
load: load a plug-in
loadpath: search for and load modules from a path
quit: exit MSF
resource
route
save: save the active datastores
search: search module names and descriptions
set: assign a value to a variable
setg: assign a value to a global variable
show: display the modules of a given type, or all modules
sleep: do nothing for the specified number of seconds
unload: unload a module
unset: unset one or more variables
unsetg: unset one or more global variables
use: select a module by name
version: display the version numbers of MSF and the console libraries
2. Database
db_add_host: add one or more hosts to the database
db_add_note: add a note to a host
db_add_port: add a port to a host
db_connect: connect to an existing database
db_create: create a new database instance
db_del_host: delete one or more hosts from the database
db_del_port: delete a port from the database
db_destroy: delete an existing database
db_disconnect: disconnect from the current database instance
db_driver: specify a database driver
db_hosts: list all hosts in the database
db_nmap: execute nmap and record the output
db_notes: list all notes in the database
db_services: list all services in the database
db_vulns: list all vulnerabilities in the database
db_workspace: switch database workspace
db_import_ip_list: import an IP list file
db_import_amap_mlog: import a THC-Amap scan result file (-o -m)
db_import_nessus_nbe: import a Nessus scan result file (NBE)
db_import_nessus_xml: import a Nessus scan result file
db_import_nmap_xml: import an Nmap scan result file (-oX)
db_autopwn: automatic exploitation
3. db_autopwn
-h show help
-t display all matching exploit modules
-x select modules based on vulnerabilities
-p select modules based on open ports
-e run exploits against all matched targets
-r use a reverse connect shell
-b use a bind shell on a random port
-q disable exploit module output
-I [range] only use hosts in this range
-X [range] always exclude hosts in this range
-PI [range] only exploit hosts that have these ports open
-PX [range] always exclude hosts that have these ports open
-m [regex] run only the modules whose names match the regular expression
4. meterpreter
Core commands:
?: help menu
channel: display information about active channels
close: close a channel
exit: terminate the meterpreter session
help: help menu
interact: interact with a channel
irb: enter irb scripting mode
migrate: migrate meterpreter to another process
quit: terminate the meterpreter session
read: read data from a channel
run: execute a meterpreter script
use: load one or more extensions
write: write data to a channel
File system commands:
cat: print the contents of a file to the screen
cd: change directory
del: delete the specified file
download: download a file or directory
edit: edit a file
getlwd: get the local working directory
getwd: get the working directory
lcd: change the local working directory
lpwd: print the local working directory
ls: list files
mkdir: create a directory
pwd: print the current working directory
rm: delete the specified file
rmdir: remove a directory
upload: upload a file or directory
Network commands:
ipconfig: display network interfaces
portfwd: forward a local port to a remote service
route: view and modify the routing table
System commands:
clearev: clear the event log
execute: execute a command
getpid: get the ID of the current process
getuid: get the user that the server is running as
kill: kill a process
ps: list processes
reboot: reboot the remote computer
reg: modify the remote registry
rev2self: call RevertToSelf() on the remote machine
shell: drop into a system command shell
shutdown
sysinfo
User interface commands:
enumdesktops: list all accessible desktops and window stations
idletime: remote user idle time
keyscan_dump
keyscan_start
keyscan_stop: stop
setdesktop: switch to another window station and desktop
uictl: user interface control
Password database commands:
hashdump: dump the SAM database
Timestomp commands:
timestomp: modify file timestamps