Metasploit
MSFconsole Commands
Command | Description |
| Show all exploits within the Framework. |
| Show all payloads within the Framework. |
| Show all auxiliary modules within the Framework. |
| Search for exploits or modules within the Framework. |
| Load information about a specific exploit or module. |
| Load an exploit or module (example: use windows/smb/psexec). |
| Load an exploit by using the index number displayed after the search command. |
| Your local host’s IP address reachable by the target, often the public IP address when not on a local network. Typically used for reverse shells. |
| The remote host or the target. |
set function | Set a specific value (for example, LHOST or RHOST). |
| Set a specific value globally (for example, LHOST or RHOST). |
| Show the options available for a module or exploit. |
| Show the platforms supported by the exploit. |
| Specify a specific target index if you know the OS and service pack. |
| Specify the payload to use. |
| Specify the payload index number to use after the show payloads command. |
| Show advanced options. |
| Automatically migrate to a separate process upon exploit completion. |
| Determine whether a target is vulnerable to an attack. |
| Execute the module or exploit and attack the target. |
| Run the exploit under the context of the job. (This will run the exploit in the background.) |
| Do not interact with the session after successful exploitation. |
| Specify the payload encoder to use (example: exploit -e shikata_ga_nai). |
| Display help for the exploit command. |
| List available sessions (used when handling multiple shells). |
| List all available sessions and show verbose fields, such as which vulnerability was used when exploiting the system. |
| Run a specific Meterpreter script on all Meterpreter live sessions. |
| Kill all live sessions. |
| Execute a command on all live Meterpreter sessions. |
| Upgrade a normal Win32 shell to a Meterpreter console. |
| Create a database to use with database-driven attacks (example: db_create autopwn). |
| Create and connect to a database for database-driven attacks (example: db_connect autopwn). |
| Use Nmap and place results in a database. (Normal Nmap syntax is supported, such as -sT -v -P0.) |
| Delete the current database. |
| Delete database using advanced options. |
Meterpreter Commands
Command | Description |
| Open Meterpreter usage help. |
| Run Meterpreter-based scripts; for a full list check the scripts/meterpreter directory. |
| Show the system information on the compromised target. |
| List the files and folders on the target. |
| Load the privilege extension for extended Meterpreter libraries. |
| Show all running processes and which accounts are associated with each process. |
| Migrate to the specific process ID (PID is the target process ID gained from the ps command). |
| Load incognito functions. (Used for token stealing and impersonation on a target machine.) |
| List available tokens on the target by user. |
| List available tokens on the target by group. |
| Impersonate a token available on the target. |
| Steal the tokens available for a given process and impersonate that token. |
| Stop impersonating the current token. |
| Attempt to elevate permissions to SYSTEM-level access through multiple attack vectors. |
| Drop into an interactive shell with all available tokens. |
| Execute cmd.exe and interact with it. |
| Execute cmd.exe with all available tokens. |
| Execute cmd.exe with all available tokens and make it a hidden process. |
| Revert back to the original user you used to compromise the target. |
| Interact, create, delete, query, set, and much more in the target’s registry. |
| Switch to a different screen based on who is logged in. |
| Take a screenshot of the target’s screen. |
| Upload a file to the target. |
| Download a file from the target. |
| Start sniffing keystrokes on the remote target. |
| Dump the remote keys captured on the target. |
| Stop sniffing keystrokes on the remote target. |
| Get as many privileges as possible on the target. |
| Take control of the keyboard and/or mouse. |
| Run your current Meterpreter shell in the background. |
| Dump all hashes on the target. |
use sniffer | Load the sniffer module. |
| List the available interfaces on the target. |
| Start sniffing on the remote target. |
| Start sniffing with a specific range for a packet buffer. |
| Grab statistical information from the interface you are sniffing. |
| Stop the sniffer. |
| Add a user on the remote target. |
| Add a username to the Domain Administrators group on the remote target. |
| Clear the event log on the target machine. |
| Change file attributes, such as creation date (antiforensics measure). |
| Reboot the target machine. |