So you’ve heard about the many capabilities Metasploit has to offer. You may have already tried using it but wondered: is there something I’m missing? Metasploit is the best exploit tool on the planet, but it can be complex. Because of that, we decided to cover some of the more useful Metasploit commands to get you moving, or for you to refer back to!
Metasploit Core Commands
help or ?
Use these commands to display the help menu.
exit or quit
Exit the console. The Ctrl+d key combination has the same effect.
version
Shows version numbers for the Metasploit framework and console libraries.
banner
Shows a random(ly awesome, they say) Metasploit banner. For reference, the banner is the piece of ASCII art you see every time you launch Metasploit.
Exploits and other modules
Modules are all the scripts, files, programs, etc. that Metasploit contains. The following commands are some of the most used when interacting with modules.
search
Searches module names and descriptions. Modules can be filtered by type (exploit, auxiliary, post, etc.), platform (hardware or software, OS), CVE, etc.
use
This command is used to select a module, entering its context.
info
Shows detailed information about the selected module. If you’re not yet inside the context of a module, the module name can be entered as a parameter.
show
Used to show information, options, detailed information, list modules, etc. This command can receive the following parameters:
back
Exits the current context, and moves to the previous one.
set
Sets a variable to a value, depending on its context. For example, if we’re inside the context of a module, we can use this command to set the value of a parameter.
The following screenshot demonstrates how you can set a few options for an auxiliary module:
exploit or run
To execute the module, we can use either the exploit or run commands.
If you want to run the module in the background, you just need to pass the -j flag, so it runs as a job.
reload
If a module has failed, or you’ve exited its context accidentally, you can use the reload command to load it again.
jobs
Lists and manages all running jobs. Notice how the third column displays the Payload and its options, including the target host and the port that we’re listening on.
kill
Kills a job; the job ID must be provided as a parameter.
sessions
Shows information about currently active sessions, and allows you to interact with them. A session can be a shell, a Meterpreter session, a VNC session, etc.
To interact with a job, we need to pass the -i flag, plus the job ID.
Database Backend Commands
workspace
Used to list workspaces, and to switch to a different workspace when the workspace name is given as a parameter.
To add new workspaces, you can use the -a flag, followed by the name that will identify the new workspace.
Remember you can use the help command to obtain information about which flags you can use.
db_connect
Connects to the database.
db_disconnect
Disconnects from the active database.
Once Meterpreter has allowed you to log in to the target system, you have a whole new set of commands at your disposal. However, you can still use the help command, which will now show help about either all modules or a specific module whose name is passed as a parameter.
Still inside the context of the Meterpreter shell, the sysinfo command displays system information, including OS type and the type of Meterpreter shell being used.
There you have it. These are the most important Metasploit commands you’ll ever need!