Metasploit Framework Console

Introduction

Metasploit framework console or msfconsole is the command-line interface (CLI) for the Metasploit Framework. It is the most commonly used interface for interacting with Metasploit.

Msfconsole workflows

Basic

1. Launch the msfconsole

$ msfconsole

2. Show the modules

msf6> show [module_type]

Example:

msf6> show exploits

3. Use the specific module

msf6> use [module_name]

Alternatively,

msf6> use [module_number]

(module_number is the numbering of the specific module that you want to use which is from the result of previous show command)

Example:

msf6> use exploit/windows/smb/ms17_010_eternalblue

OR,

msf6> use 2351

4. See the contexts in which we will work

msf6> show options

5. Obtain information on any module (within the context of module)

msf6> info

6. Leave the context

msf6> back

7. Search the module with relevant search parameter

msf6> search [search_param]

Example:

msf6> search eternalblue

8. Search the modules with a specific search parameter and by specifying module type

msf6> search type:[module_type] [search_parameter]

Example:

msf6> search type:auxiliary telnet

Working with modules

1. Select appropriate module from the given modules

msf6> use [module_name]

OR,

msf6> use [module_number]

2. See the values in the context in which we will work

msf6> show options

(This will show the options which is to be set with values for working further, like RPORT, RHOST, LPORT, LHOST, Payload)

RPORT: the remote port on the target system
RHOST: the remote host, which is the target machine IP address
LPORT: the local unused port on our local machine that will be used to connect back using reverse shell
LHOST: the attacking machine or the local machine IP address
Payload: the payload name that will be used for further exploitation

3. Set the values for the modules

msf6> set [parameter] [value]

Example:

msf6> set lhost 10.0.2.15

4. Unset the values for the modules (optional)

msf6> unset [parameter]

5. Unset all the values for the modules (optional)

msf6> unset all

6. Set the values for the modules globally (optional)

msf6> setg [parameter] [value]

7. Unset the values for the modules which has been set globally (optional)

msf6> unsetg [parameter]

Using modules

1. Run the module (after setting all of its required values)

msf6> exploit

OR,

msf6> run

2. Run the module and background its session as soon as it opens (optional)

msf6> exploit -z

OR, use the keyboard command: CTRL + Z (when the session is created, after running the module)

3. Check if the target system is vulnerable without exploiting it (optional, only for some modules)

msf6> check

4. See the existing sessions in msf or meterpreter context

msf6> sessions

(This will show the current sessions with their session id)

5. Interact with any one session

msf6> sessions -i [session_id]

Different msf prompts

The msf console

It is the prompt in which context specific commands for setting parameters, seraching and running modules, etc. can be used. Initially, no context is set here.

msf6>

The context prompt

After choosing the module in the msfconsole using the use command, we will get this prompt. The context specific commands here are for setting the values and running the modules like: set RPORT 80

Example:

msf6 exploit(windows/smb/ms17_010_eternalblue)>

The meterpreter prompt

After running the module, if we get the meterpreter prompt, then this specifies that meterpreter agent (payload) was loaded to the target system and connected back to us).

meterpreter>

PreviousMetasploit - Intro NextMsfvenom

Last updated 1 year ago