Metasploit Cheatsheet
Metasploit is a popular open-source framework for creating, testing, and deploying exploits. It is used by hackers (ethical and otherwise) and security researchers to test the security of machines, networks, and infrastructure.
Metasploit’s collection of exploits, payloads, and tools to conduct penetration testing can speed up the testing process and take on much of the heavy lifting.
Most of the available tools and exploits only require filling in some basic information, such as the target IP address and port number, and possibly the operating system or software version of the target. Very little modification is required of the user.
It can also easily upload files to and download files from a target system, perform network scanning, route network traffic, and manage multiple sessions at once.
Whether you're a security professional or a student learning about cybersecurity, Metasploit is a valuable tool to have in your arsenal.
These commands allow you to view and manipulate network information and data transmission on a target network.
COMMAND | DESCRIPTION |
---|---|
ipconfig | Show network interface configuration |
portfwd | Forward packets |
route | View / edit network routing table |
These commands can be used in an existing Meterpreter session to enumerate and manipulate your target.
BASIC AND FILE HANDLING COMMANDS | |
---|---|
sysinfo | Display system information |
ps | List and display running processes |
kill (PID) | Terminate a running process |
getuid | Display user ID |
upload or download | Upload / download a file |
pwd or lpwd | Print working directory (remote / local) |
cd or lcd | Change directory (remote / local) |
cat | Display file content |
bglist | Show scripts running in the background |
bgrun | Run a script in the background |
bgkill | Terminate a background process |
background | Move active session to background |
edit | Edit a file in vi editor |
shell | Access shell on the target machine |
migrate | Switch to another process |
idletime | Display idle time of user |
screenshot | Take a screenshot |
clearev | Clear the system logs |
? or help | Help showing all the commands |
exit / quit | Exit the Meterpreter session |
shutdown / reboot | Shut down / restart the system |
use | Load an extension |
channel | Show active channels |
Gather information on running software and processes on the target machine with these commands.
COMMAND | DESCRIPTION |
---|---|
getpid | Display the process ID |
getuid | Display the user ID |
ps | Display running processes |
kill | Stop and terminate a process |
getprivs | Attempt to enable all privileges available to the current process |
reg | Access target machine registry |
shell | Access target machine shell |
execute | Run a specified |
migrate | Move to a given destination process ID |
View the target desktop and capture keystrokes with these commands.
COMMAND | DESCRIPTION |
---|---|
enumdesktops | Show all available desktops |
getdesktop | Display current desktop |
keyscan_start | Start keylogger on target machine |
keyscan_stop | Stop keylogger on target machine |
setdesktop | Change the current desktop |
keyscan_dump | Dump keylogger content |
Steal user and system passwords.
COMMAND | DESCRIPTION |
---|---|
hashdump | Access content of the password hash file |
Use these flags to generate reverse shell payloads.
SWITCH | SYNTAX | DESCRIPTION |
---|---|---|
-p | -p (payload option) | Display payload standard options |
-l | -l (list type) | List module type, i.e. payloads, encoders |
-f | -f (format) | Output format |
-e | -e (encoder) | Define which encoder to use |
-a | -a (architecture or platform) | Define which platform to use |
-s | -s (space) | Define maximum payload capacity |
-b | -b (characters) | Define set of characters not to use |
-i | -i (number of times) | Define number of times to use encoder |
-x | -x (file name) | Define a custom file to use as template |
-o | -o (output) | Save a payload |
-h | -h | Help |