Metasploit / Network PenTest / WebApp PenTest

Metasploit Framework for Penetration Tester

by do son · Published October 15, 2016 · Updated July 27, 2017

The msfconsole is probably the most popular interface to the Metasploit Framework (MSF). It provides an “all-in-one” centralized console and allows you efficient access to virtually all of the options available in the MSF. Msfconsole may seem intimidating at first, but once you learn the syntax of the commands you will learn to appreciate the power of utilizing this interface.

With msfconsole, you can access and use all Metasploit plug-ins, payloads, the use exploit modules, post module and so on. MSFCONSOLE interface can integrate to third-party programs as well, such as nmap, sqlmap, etc., can be used directly in msfconsole inside.

To start MSFCONSOLE, you need only type msfconsole on your command prompt window.

When msfconsole is started, you can view all exploits modules, auxiliary modules; all payloads on Metasploit-Framework.

On Msfconsole, there are two options to view the help:

msfconsole -h — displayed in msfconsole initialization

msfconsole -help — can be used after entering msfconsole display.

MSFCONSOLE parameter

banner — view metasploit version information, view all modules

back — used to return

chech — many of the modules do not support the use of this parameter

color — set some color command line

connect — used for remote connection to the host.

edit — edit the current module

info — view information, including the option to take advantage of the conditions, the vulnerability author, you can use the payload, and so on.

irb — enter irb script mode, and execute commands to create the script.

jobs — can be viewed on msfconsole, you can check which task currently exist, and can choose to end task unwanted.

kill — can terminate unwanted processes

load/unload — load/unload a number of plug-in from inside the plug metasploit library

resource — run some resource files, some tools, such as Karmetasploit very need this parameter.

route — the forwarding agent

search — find modules that you want to use

– search by name:

– search by name + type and more…

set/unset — setting/un-setting paramter of modules

show — show all of the payload, the ese of modules, post modules, plugins and so on

use — use module

Share

Tags: kali metasploit