Created: 2022-07-16
Tags: #fleeting
Launch Metasploit with msfconsole
This msfconsole helps us to interact with different modules of Metasploit Framework.
What is a Module in Metasploit
Exploit - A code that takes advantage of existing vulnerability in the system
Vulnerability: A logical, code, or design flaw in a program
Payload - A code that helps us do what we want in a target system
Each exploit module has a ranking system
Look her efor always updated info -> https://docs.metasploit.com/docs/using-metasploit/intermediate/exploit-ranking.html
Inside of the MSFconsole
it supports most Linux commands, clear, ls, cd
it supports tab completion
DOES NOT support output redirection, as seen below.
msf6 > help > help.txt
[-] No such command
msf6 >
Context is like what exploit module we're currently in.
this means that unless set as a global variable,
all parameter settings will be lost if you change the module you have decided to use.
Like this example below
In the example below, we used
ms17_010_eternalblue exploit,
and we set parameters such asRHOSTS.
If we were to switch to another module likeport scanner,
we would need to set theRHOSTSvalue again
as all changes we made remained in context ofms17_010_eternalblue exploit
Once you type the command
-> use exploit/windows/smb/ms17_010_eternalblue
-> you will see cli prompt change...
from msf6 to msf6 exploit(windows/smb/ms17_010_eternalblue)
Quick Info about EternalBlue
msf6 > use exploit/windows/smb/ms17_010_eternalblue
[*] No payload configured, defaulting to windows/x64/meterpreter/reverse_tcp
msf6 exploit(windows/smb/ms17_010_eternalblue) >
info command .
back command
use command
show options
Idk, it shows you options I guess?
search command
Syntax: search <CVE numbers, exploit names, target system>
Example ->search ms7-010.
You can conduct searches using
-> CVE numbers,
-> exploit names (eternalblue, heartbleed, etc.)
-> target system.
search uses Metasploit Framework Database to give the results of the searches