Metasploit helps security teams identify and verify vulnerabilities, improve security awareness and manage gnarly security situations. The Metasploit Project is a computer security project that provides information about security vulnerabilities and aids in penetration testing and IDS signature development. It is owned by Boston, Massachusetts-based security company Rapid7.
What you will find in the Metasploit Cheat Sheet: Framework Components, Meterpreter commands, Networking commands, Interface / output commands, Password management commands, Process handling commands, Msfvenom command options.
Framework Components:
Metasploit Meterpreter: The Meterpreter is a payload within the Metasploit Framework that provides control over an exploited target system, running as a DLL loaded inside of any process on a target machine.
Metasploit msfvenom: The msfvenom tool is a component of the Metasploit Framework that allows users to generate a standalone version of any payload within the framework. Payloads can be generated in a variety of formats including executable, Ruby script, and raw shellcode. The msfvenom tool can also encode payloads to help avoid detection.
Meterpreter commands:
? or help | Show all available commands |
background | Move active session to background |
bgkill | Terminate a background process |
bglist | Show background running scripts |
bgrun | Make a script run in background |
cat | Display file content |
cd or lcd | Change directory (remote or local) |
channel | Show active channels |
clearev | Clear the system logs |
edit | Edit a file in vi editor |
exit / quit | Exit the Meterpreter session |
getuid | Display user ID |
idletime | Display idle time of user |
kill (PID) | Terminate a running process |
migrate | Switch to another process |
ps | List and display running processes |
pwd or lpwd | Print working directory (remote / local) |
screenshot | Take a screenshot |
shell | Access shell on the target machine |
shutdown / reboot | Shut down / restart the system |
sysinfo | Display system information |
upload or download | Upload / download a file |
use | Load an extension |
Networking commands:
ipconfig | Show network interface configuration |
portfwd | Forward packets |
route | View / edit network routing table |
Process handling commands:
execute | Run a specified |
getpid | Display the process ID |
getprivs | Show as many privileges as possible |
getuid | Display the user ID |
kill | Stop and terminate a process |
migrate | Move to a given destination process ID |
ps | Display running processes |
reg | Access target machine registry |
shell | Access target machine shell |
Interface / output commands:
enumdesktops | Show all available desktops |
getdesktop | Display current desktop |
keyscan_dump | Dump keylogger content |
keyscan_start | Start keylogger in target machine |
keyscan_stop | Stop keylogger in target machine |
set_desktop | Configure desktop |
Password management commands:
hashdump | Access content of the password file (hash file) |
Msfvenom command options:
-a | -a (architecture or platform) | Define which platform to use |
-b | -b (characters) | Define set of characters not to use |
-e | -e (encoder) | Define which encoder to use |
-f | -f (format) | Output format |
-h | -h | Help |
-i | -i (number of times) | Define number of times to use encoder |
-l | -l (list type) | List module type, e.g. payloads, encoders |
-o | -o (output) | Save a payload |
-p | -p (payload option) | Display payload standard options |
-s | -s (space) | Define maximum payload capacity |
-x | -x (file name) | Define a custom file to use as template |