msfconsole – CLI interface
armitage – a 3rd party GUI interface
Setup
- must enable postgresql before starting the console
systemctl start postgresql – starts service
systemctl enable postgresql – set to auto start
usage
- auxiliary module – post scanning, protocol enum, fuzzing, sniffing modules
show auxiliary – show modules
- to use a module
use module/path/argument
info – show module info
show options – configurable options
set OPTION value – set the option
setg OPTION value – sets value that is global or persists between modules
RHOSTS – common option for targets of module
RPORT – Target Port
LHOST – Local IP
LPORT – Local port
THREADS –
search – search msf plugins
hosts – list host in database
db_nmap – MSF wrapper to run nmap and load data into database
services – list hosts in database
show payloads – show shell code payloads
run or exploit – execute module on RHOSTS
sessions – used to list current active meterpreter sessions
Meterpreter
- Multistage multipurpose exploit payload
- Can be used to run multiple actions like file transfer, provide shells, keyloggers etc.
background – used to background current session, can be used to execute a module against the session
sysinfo – get system info
getuid – get user id you are currently running as
search – search file system
shell – get shell
- msfvenom – cli to build payloads
- there are many useful post exploitation options
portfwd
keyscan_start
keyscan_stop
screenshot
hashdump
- and more
Building custom module
- written in ruby
- user modules in ~/.msf4/modules/
- copy existing starting point
cp /usr/share/metasploit-framework/modules/.... ~/.msf4/modules/
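The copy step above, as an added example that is not part of the original notes: a small helper that copies a stock module into the user tree while preserving its type directory (auxiliary, exploits, post, ...), which the user tree has to mirror. The function name `copy_msf_module` and the two environment variables are hypothetical names chosen for this example.

```bash
#!/usr/bin/env bash
# Added example (not from the original notes): copy a stock module into the
# user module tree while keeping its relative path. copy_msf_module is a
# hypothetical helper name; both roots can be overridden via the environment.
MSF_STOCK_ROOT="${MSF_STOCK_ROOT:-/usr/share/metasploit-framework/modules}"
MSF_USER_ROOT="${MSF_USER_ROOT:-$HOME/.msf4/modules}"

# Usage: copy_msf_module <type/relative/path.rb> [new_file_name.rb]
# Prints the destination path on success.
copy_msf_module() {
    local rel new_name src dest_dir dest
    rel="$1"
    new_name="${2:-$(basename "$rel")}"
    src="$MSF_STOCK_ROOT/$rel"

    # The first path component must be a module type directory, because the
    # module loader locates modules by type directory.
    case "${rel%%/*}" in
        auxiliary|encoders|evasion|exploits|nops|payloads|post) ;;
        *) echo "error: '$rel' must start with a module type directory" >&2
           return 2 ;;
    esac
    # Refuse '..' so the copy cannot land outside the user module tree.
    case "/$rel/$new_name/" in
        */../*) echo "error: '..' is not allowed in the module path" >&2
                return 2 ;;
    esac
    if [ ! -f "$src" ]; then
        echo "error: no such module file: $src" >&2
        return 3
    fi

    dest_dir="$MSF_USER_ROOT/$(dirname "$rel")"
    dest="$dest_dir/$new_name"
    # Never overwrite a module that was already customised.
    if [ -e "$dest" ]; then
        echo "error: $dest already exists" >&2
        return 4
    fi
    mkdir -p "$dest_dir" && cp -- "$src" "$dest" && printf '%s\n' "$dest"
}
```

After copying, run `reload_all` in msfconsole (or restart it) so the new module is loaded.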