Metasploit framework console or msfconsole is the command-line interface (CLI) for the Metasploit Framework. It is the most commonly used interface for interacting with Metasploit.
Msfconsole workflows
Basic
1. Launch the msfconsole
$ msfconsole
2. Show the modules
msf6> show [module_type]
Example:
msf6> show exploits
3. Use the specific module
msf6> use [module_name]
Alternatively,
msf6> use [module_number]
(module_number is the numbering of the specific module that you want to use which is from the result of previous show command)
Example:
msf6> use exploit/windows/smb/ms17_010_eternalblue
OR,
msf6> use 2351
4. See the contexts in which we will work
msf6> show options
5. Obtain information on any module (within the context of module)
msf6> info
6. Leave the context
msf6> back
7. Search the module with relevant search parameter
msf6> search [search_param]
Example:
msf6> search eternalblue
8. Search the modules with a specific search parameter and by specifying module type
1. Select appropriate module from the given modules
msf6> use [module_name]
OR,
msf6> use [module_number]
2. See the values in the context in which we will work
msf6> show options
(This will show the options which is to be set with values for working further, like RPORT, RHOST, LPORT, LHOST, Payload)
RPORT: the remote port on the target system
RHOST: the remote host, which is the target machine IP address
LPORT: the local unused port on our local machine that will be used to connect back using reverse shell
LHOST: the attacking machine or the local machine IP address
Payload: the payload name that will be used for further exploitation
3. Set the values for the modules
msf6> set [parameter] [value]
Example:
msf6> set lhost 10.0.2.15
4. Unset the values for the modules (optional)
msf6> unset [parameter]
5. Unset all the values for the modules (optional)
msf6> unset all
6. Set the values for the modules globally (optional)
msf6> setg [parameter] [value]
7. Unset the values for the modules which has been set globally (optional)
msf6> unsetg [parameter]
Using modules
1. Run the module (after setting all of its required values)
msf6> exploit
OR,
msf6> run
2. Run the module and background its session as soon as it opens (optional)
msf6> exploit -z
OR, use the keyboard command: CTRL + Z (when the session is created, after running the module)
3. Check if the target system is vulnerable without exploiting it (optional, only for some modules)
msf6> check
4. See the existing sessions in msf or meterpreter context
msf6> sessions
(This will show the current sessions with their session id)
5. Interact with any one session
msf6> sessions -i [session_id]
Different msf prompts
The msf console
It is the prompt in which context specific commands for setting parameters, seraching and running modules, etc. can be used. Initially, no context is set here.
msf6>
The context prompt
After choosing the module in the msfconsole using the use command, we will get this prompt. The context specific commands here are for setting the values and running the modules like: set RPORT 80
Example:
msf6 exploit(windows/smb/ms17_010_eternalblue)>
The meterpreter prompt
After running the module, if we get the meterpreter prompt, then this specifies that meterpreter agent (payload) was loaded to the target system and connected back to us).
