Closed kurdostan closed 1 year ago
When creating an issue, please ensure that the default issue template has been updated with the required details: https://github.com/rapid7/metasploit-framework/issues/new/choose
Closing this issue. If you believe this issue has been closed in error, please provide any relevant output and logs which may be useful in diagnosing the issue.
msfconsolehelp msfconsole help command output
What is the MSFconsole?
The msfconsole is probably the most popular interface to the Metasploit Framework (MSF). It provides an “all-in-one” centralized console and allows you efficient access to virtually all of the options available in the MSF. MSFconsole may seem intimidating at first, but once you learn the syntax of the commands you will learn to appreciate the power of utilizing this interface.
Benefits to Using MSFconsole
It is the only supported way to access most of the features within Metasploit.
Provides a console-based interface to the framework
Contains the most features and is the most stable MSF interface
Full readline support, tabbing, and command completion
Execution of external commands in msfconsole is possible:
msf > ping -c 1 192.168.1.100
[*] exec: ping -c 1 192.168.1.100
PING 192.168.1.100 (192.168.1.100) 56(84) bytes of data.
64 bytes from 192.168.1.100: icmp_seq=1 ttl=128 time=10.3 ms
--- 192.168.1.100 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 10.308/10.308/10.308/0.000 ms
msf >
Launching MSFconsole
The MSFconsole is launched by simply running msfconsole from the command line. MSFconsole is located in the /usr/share/metasploit-framework/msfconsole directory.
The -q option removes the launch banner by starting msfconsole in quiet mode.
root@kali:# msfconsole -q
msf >
How to Use the Command Prompt
You can pass -h to msfconsole to see the other usage options available to you.
root@kali:~# msfconsole -h
Usage: msfconsole [options]
Common options
    -E, --environment ENVIRONMENT    The Rails environment. Will use RAIL_ENV environment variable if that is set. Defaults to production if neither option not RAILS_ENV environment variable is set.
Database options
    -M, --migration-path DIRECTORY   Specify a directory containing additional DB migrations
    -n, --no-database                Disable database support
    -y, --yaml PATH                  Specify a YAML file containing database settings
Framework options
    -c FILE                          Load the specified configuration file
    -v, --version                    Show version
Module options
        --defer-module-loads         Defer module loading unless explicitly asked.
    -m, --module-path DIRECTORY      An additional module path
Console options:
    -a, --ask                        Ask before exiting Metasploit or accept 'exit -y'
    -d, --defanged                   Execute the console as defanged
    -L, --real-readline              Use the system Readline library instead of RbReadline
    -o, --output FILE                Output to the specified file
    -p, --plugin PLUGIN              Load a plugin on startup
    -q, --quiet                      Do not print the banner on startup
    -r, --resource FILE              Execute the specified resource file (- for stdin)
    -x, --execute-command COMMAND    Execute the specified string as console commands (use ; for multiples)
    -h, --help                       Show this message
Entering help or a ? once in the msf command prompt will display a listing of available commands along with a description of what they are used for.
msf > help
Command Description
------- -----------
? Help menu
advanced Displays advanced options for one or more modules
back Move back from the current context
banner Display an awesome metasploit banner
cd Change the current working directory
color Toggle color
connect Communicate with a host
edit Edit the current module with $VISUAL or $EDITOR
exit Exit the console
get Gets the value of a context-specific variable
getg Gets the value of a global variable
grep Grep the output of another command
help Help menu
info Displays information about one or more modules
irb Drop into irb scripting mode
jobs Displays and manages jobs
kill Kill a job
load Load a framework plugin
loadpath Searches for and loads modules from a path
makerc Save commands entered since start to a file
options Displays global options or for one or more modules
popm Pops the latest module off the stack and makes it active
previous Sets the previously loaded module as the current module
pushm Pushes the active or list of modules onto the module stack
quit Exit the console
reload_all Reloads all modules from all defined module paths
rename_job Rename a job
resource Run the commands stored in a file
route Route traffic through a session
save Saves the active datastores
search Searches module names and descriptions
sessions Dump session listings and display information about sessions
set Sets a context-specific variable to a value
setg Sets a global variable to a value
show Displays modules of a given type, or all modules
sleep Do nothing for the specified number of seconds
spool Write console output into a file as well the screen
threads View and manipulate background threads
unload Unload a framework plugin
unset Unsets one or more context-specific variables
unsetg Unsets one or more global variables
use Selects a module by name
version Show the framework and console library version numbers
Command Description
------- -----------
creds List all credentials in the database
db_connect Connect to an existing database
db_disconnect Disconnect from the current database instance
db_export Export a file containing the contents of the database
db_import Import a scan result file (filetype will be auto-detected)
db_nmap Executes nmap and records the output automatically
db_rebuild_cache Rebuilds the database-stored module cache
db_status Show the current database status
hosts List all hosts in the database
loot List all loot in the database
notes List all notes in the database
services List all services in the database
vulns List all vulnerabilities in the database
workspace Switch between database workspaces
Tab Completion
The MSFconsole is designed to be fast to use and one of the features that helps this goal is tab completion. With the wide array of modules available, it can be difficult to remember the exact name and path of the particular module you wish to make use of. As with most other shells, entering what you know and pressing ‘Tab’ will present you with a list of options available to you or auto-complete the string if there is only one option. Tab completion depends on the ruby readline extension and nearly every command in the console supports tab completion.
use exploit/windows/dce
use .netapi.
set LHOST
show
set TARGET
set PAYLOAD windows/shell/
exp
msf > use exploit/windows/smb/ms
use exploit/windows/smb/ms03_049_netapi
use exploit/windows/smb/ms04_007_killbill
use exploit/windows/smb/ms04_011_lsass
use exploit/windows/smb/ms04_031_netdde
use exploit/windows/smb/ms05_039_pnp
use exploit/windows/smb/ms06_025_rasmans_reg
use exploit/windows/smb/ms06_025_rras
use exploit/windows/smb/ms06_040_netapi
use exploit/windows/smb/ms06_066_nwapi
use exploit/windows/smb/ms06_066_nwwks
use exploit/windows/smb/ms06_070_wkssvc
use exploit/windows/smb/ms07_029_msdns_zonename
use exploit/windows/smb/ms08_067_netapi
use exploit/windows/smb/ms09_050_smb2_negotiate_func_index
use exploit/windows/smb/ms10_046_shortcut_icon_dllloader
use exploit/windows/smb/ms10_061_spoolss
use exploit/windows/smb/ms15_020_shortcut_icon_dllloader
msf > use exploit/windows/smb/ms08_067_netapi
The MSFconsole is the most commonly used interface for Metasploit. Making yourself familiar with these msfconsole commands will help you throughout this course and give you a strong foundation for working with Metasploit in general.
Almost all of your interaction with Metasploit will be through its many modules, which it looks for in two locations. The first is the primary module store under /usr/share/metasploit-framework/modules/ and the second, which is where you will store custom modules, is under your home directory at ~/.msf4/modules/.
root@kali:~# ls /usr/share/metasploit-framework/modules/
auxiliary encoders exploits nops payloads post
All Metasploit modules are organized into separate directories, according to their purpose. A basic overview of the various types of Metasploit modules is shown below.
Exploits
In the Metasploit Framework, exploit modules are defined as modules that use payloads.
root@kali:~# ls /usr/share/metasploit-framework/modules/exploits/
aix bsdi firefox irix multi solaris
android dialup freebsd linux netware unix
apple_ios example.rb hpux mainframe osx windows
Auxiliary
Auxiliary modules include port scanners, fuzzers, sniffers, and more.
root@kali:~# ls /usr/share/metasploit-framework/modules/auxiliary/
admin client dos gather scanner spoof vsploit
analyze crawler example.rb parser server sqli
bnat docx fuzzers pdf sniffer voip
Payloads, Encoders, Nops
Payloads consist of code that runs remotely, while encoders ensure that payloads make it to their destination intact. Nops keep the payload sizes consistent across exploit attempts.
root@kali:~# ls /usr/share/metasploit-framework/modules/payloads/
singles stagers stages
root@kali:~# ls /usr/share/metasploit-framework/modules/encoders/
cmd generic mipsbe mipsle php ppc ruby sparc x64 x86
root@kali:~# ls /usr/share/metasploit-framework/modules/nops/
aarch64 armle mipsbe php ppc sparc tty x64 x86
Loading Additional Module Trees
Metasploit gives you the option to load modules either at runtime or after msfconsole has already been started. Pass the -m option when running msfconsole to load additional modules at runtime:
root@kali:~# msfconsole -m ~/secret-modules/
If you need to load additional modules from within msfconsole, use the loadpath command:
msf > loadpath
Usage: loadpath </path/to/modules>
Loads modules from the given directory which should contain subdirectories for module types, e.g. /path/to/modules/exploits
msf > loadpath /usr/share/metasploit-framework/modules/
Loaded 399 modules:
    399 payloads
Steps to reproduce
How'd you do it?
This section should also tell us any relevant information about the environment; for example, if an exploit that used to work is failing, tell us the victim operating system and service versions.
Were you following a specific guide/tutorial or reading documentation?
If yes link the guide/tutorial or documentation you were following here, otherwise you may omit this section.
Expected behavior
What should happen?
Current behavior
What happens instead?
Metasploit version
Get this with the version command in msfconsole (or git log -1 --pretty=oneline for a source install).
Additional Information
If your version is less than 5.0.96, please update to the latest version and ensure your issue is still present.
If the issue is encountered within msfconsole, please run the debug command using the instructions below. If the issue is encountered outside msfconsole, or the issue causes msfconsole to crash on startup, please delete this section.
msfconsole
set loglevel 3
debug command
===8<=== CUT AND PASTE EVERYTHING BELOW THIS LINE ===8<=== line and make sure to REMOVE ANY SENSITIVE INFORMATION.
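The loadpath text above says a module directory "should contain subdirectories for module types". The following is an added example, not part of the original issue or of Metasploit's own code: a pre-flight check to run on a custom tree before passing it to msfconsole -m or loadpath. The function name audit_module_tree is hypothetical, and the list of type directories is assumed from the ls output of /usr/share/metasploit-framework/modules/ shown in the post.

```shell
# Added example: audit a custom module tree before loading it with
# `msfconsole -m DIR` or `loadpath DIR`. audit_module_tree is a hypothetical helper.

# Module type directories, as listed by `ls .../modules/` in the post above.
MSF_TYPES="auxiliary encoders exploits nops payloads post"

# Prints one finding per line; returns 0 if the tree is clean, 1 otherwise.
audit_module_tree() {
    local root="${1%/}" findings=0 found_type=0 entry name count writable

    [ -d "$root" ] || { echo "ERROR not a directory: $root"; return 1; }

    for entry in "$root"/*/; do
        [ -d "$entry" ] || continue
        name="$(basename "$entry")"
        case " $MSF_TYPES " in
            *" $name "*)
                found_type=1
                count="$(find "$entry" -type f -name '*.rb' | wc -l | tr -d ' ')"
                echo "OK $name: $count module file(s)"
                ;;
            *)
                echo "WARN unexpected top-level directory: $name"
                findings=$((findings + 1))
                ;;
        esac
    done

    if [ "$found_type" -eq 0 ]; then
        echo "ERROR no module type subdirectory (expected one of: $MSF_TYPES)"
        findings=$((findings + 1))
    fi

    # Modules are Ruby code that runs inside the console process, so a module
    # file writable by group or others lets another account run code as the
    # msfconsole user.
    writable="$(find "$root" -type f -name '*.rb' \( -perm -020 -o -perm -002 \))"
    if [ -n "$writable" ]; then
        printf '%s\n' "$writable" | sed 's/^/WARN writable by group or other: /'
        findings=$((findings + 1))
    fi

    [ "$findings" -eq 0 ]
}
```

Run it as `audit_module_tree ~/.msf4/modules` and load the tree only when it returns 0.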