Metasploit Framework for Penetration Tester

The msfconsole is probably the most popular interface to the Metasploit Framework (MSF). It provides an “all-in-one” centralized console and allows you efficient access to virtually all of the options available in the MSF. Msfconsole may seem intimidating at first, but once you learn the syntax of the commands you will learn to appreciate the power of utilizing this interface.

With msfconsole, you can access and use all Metasploit plug-ins, payloads, the use exploit modules, post module and so on. MSFCONSOLE interface can integrate to third-party programs as well, such as nmap, sqlmap, etc., can be used directly in msfconsole inside.

 

To start MSFCONSOLE, you need only type msfconsole on your command prompt window.

When msfconsole is started, you can view all exploits modules, auxiliary modules; all payloads on Metasploit-Framework.
On Msfconsole, there are two options to view the help:
  •  msfconsole -h — displayed in msfconsole initialization
  • msfconsole -help — can be used after entering msfconsole display.
MSFCONSOLE parameter
  • banner —  view metasploit version information, view all modules
  • back — used to return
  • chech — many of the modules do not support the use of this parameter
  • color —  set some color command line
  • connect — used for remote connection to the host.
  • edit — edit the current module
  • info — view information, including the option to take advantage of the conditions, the vulnerability author, you can use the payload, and so on.
  • irb —  enter irb script mode, and execute commands to create the script.
  • jobs —  can be viewed on msfconsole, you can check which task currently exist, and can choose to end task unwanted.
  • kill — can terminate unwanted processes
  • load/unload —  load/unload a number of plug-in from inside the plug metasploit library
  • resource — run some resource files, some tools, such as Karmetasploit very need this parameter.
  • route —  the forwarding agent
  • search — find modules that you want to use
– search by name:
– search by name + type and more…
  • set/unset — setting/un-setting paramter of modules
  • show — show all of the payload, the ese of modules, post modules, plugins and so on
  • use — use module