# Metasploit Framework Console

<figure><img src="/files/plkLgsHB8KjgdW5F7kuj" alt=""><figcaption><p>msfconsole</p></figcaption></figure>

## Introduction

Metasploit framework console or msfconsole is the command-line interface (CLI) for the Metasploit Framework. It is the most commonly used interface for interacting with Metasploit.

## Msfconsole workflows

### Basic

#### 1. Launch the msfconsole

```bash
$ msfconsole
```

#### 2. Show the modules

```bash
msf6> show [module_type]
```

*Example:*

```bash
msf6> show exploits
```

#### 3. Use the specific module

```bash
msf6> use [module_name]
```

Alternatively,

```bash
msf6> use [module_number]
```

(module\_number is the numbering of the specific module that you want to use which is from the result of previous show command)

*Example:*

```bash
msf6> use exploit/windows/smb/ms17_010_eternalblue
```

OR,

```bash
msf6> use 2351
```

#### 4. See the contexts in which we will work

```bash
msf6> show options
```

#### 5. Obtain information on any module (within the context of module)&#x20;

```bash
msf6> info
```

#### 6. Leave the context

```bash
msf6> back
```

#### 7. Search the module with relevant search parameter

```bash
msf6> search [search_param]
```

*Example:*

```bash
msf6> search eternalblue
```

#### 8. Search the modules with a specific search parameter and by specifying module type

```bash
msf6> search type:[module_type] [search_parameter]
```

*Example:*

```bash
msf6> search type:auxiliary telnet
```

### Working with modules

#### 1. Select appropriate module from the given modules

```bash
msf6> use [module_name]
```

OR,

```bash
msf6> use [module_number]
```

#### 2. See the values in the context in which we will work

```bash
msf6> show options
```

(This will show the options which is to be set with values for working further, like RPORT, RHOST, LPORT, LHOST, Payload)

{% hint style="info" %}

1. RPORT: the remote port on the target system
2. RHOST: the remote host, which is the target machine IP address
3. LPORT: the local unused port on our local machine that will be used to connect back using reverse shell
4. LHOST: the attacking machine or the local machine IP address
5. Payload: the payload name that will be used for further exploitation
   {% endhint %}

#### 3.  Set the values for the modules

```bash
msf6> set [parameter] [value]
```

*Example:*

```bash
msf6> set lhost 10.0.2.15
```

#### 4. Unset the values for the modules (optional)

```bash
msf6> unset [parameter]
```

#### 5. Unset all the values for the modules (optional)

```bash
msf6> unset all
```

#### 6. Set the values for the modules globally (optional)

```bash
msf6> setg [parameter] [value]
```

#### 7. Unset the values for the modules which has been set globally (optional)

```bash
msf6> unsetg [parameter]
```

### Using modules

#### 1. Run the module (after setting all of its required values)

```bash
msf6> exploit
```

OR,

```bash
msf6> run
```

#### 2. Run the module and background its session as soon as it opens (optional)

```bash
msf6> exploit -z
```

OR, use the keyboard command: `CTRL + Z` (when the session is created, after running the module)

#### 3. Check if the target system is vulnerable without exploiting it (optional, only for some modules)

```bash
msf6> check
```

#### 4. See the existing sessions in msf or meterpreter context

```bash
msf6> sessions
```

(This will show the current sessions with their session id)

#### 5. Interact with any one session

```bash
msf6> sessions -i [session_id]
```

## Different msf prompts

#### The msf console

It is the prompt in which context specific commands for setting parameters, seraching and running modules, etc. can be used. Initially, no context is set here.

```bash
msf6>
```

#### The context prompt

After choosing the module in the msfconsole using the `use` command, we will get this prompt. The context specific commands here are for setting the values and running the modules like: `set RPORT 80`

*Example:*

```bash
msf6 exploit(windows/smb/ms17_010_eternalblue)>
```

#### The meterpreter prompt

After running the module, if we get the meterpreter prompt, then this specifies that meterpreter agent (payload) was loaded to the target system and connected back to us).

```bash
meterpreter>
```


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://hacktools.aprasanna.com.np/metasploit/metasploit-framework-console.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.