Metasploit commands for beginners
What is metasploit
Metasploit is an open source tool penetration testing tool.It is written in ruby initially it was written in perl though.
Metasploit is one of the most used tool by bad guys(Hackers) and white hat hackers.Metasploit is an awesome tool for finding vulnerabilities in websites ,operating systems and networks.
Features of Metasploit
- Metasploit is not a single tool.It is collection of hundreds of tools.
- Metasploit is very powerful it is used to break into remote systems.
- It is loaded with 1502 exploits and 434 payloads.
- You can launch exploits,create listeners and configure payloads.
- You can write your own exploit or modify metasploit's exploits to do that you must have good command over ruby.
These are just few and most awesome features that i mentioned,Metasploit have many , many features for more visit official website. It won't help if we just learn theoretical stuff more you play around with Metasploit more you will discover it.So let's jump to the practical part.Open your terminal.
Start postgresql database
Before starting Metasploit we must start postgresql services.Below command starts database to store all of the metasploit exploits.So everytime you use METASPLOIT you must start postgresql services. It runs little faster with postgresql:
root@seven:~# service postgresql start
Now let's start metasploit:
When your metasploit starts you will be presented with above or may be different banner.Now you are inside Metasploit.
Now Check whether you are connected with Metasploit database or not.If you get the message connected to Msf then everything is good.
msf > db_status [*] postgresql connected to msf
The below command generates random banners.
msf > banner
If you want to clear or get rid of banners or clear terminal then just type:
msf > clear
If you need any help then just type ? mark it brings up help menu.It displays all the commands with short descriptions.
sf > ? Core Commands ============= Command Description ------- ----------- ? Help menu advanced Displays advanced options for one or more modules back Move back from the current context banner Display an awesome metasploit banner cd Change the current working directory color Toggle color connect Communicate with a host edit Edit the current module with $VISUAL or $EDITOR exit Exit the console get Gets the value of a context-specific variable getg Gets the value of a global variable go_pro Launch Metasploit web GUI grep Grep the output of another command help Help menu info Displays information about one or more modules irb Drop into irb scripting mode jobs Displays and manages jobs kill Kill a job load Load a framework plugin
Show all the exploits inside Metasploit
The below command will show you all the exploits or tools available in Metasploit.There are tons of tools so it takes little time to load.There are different exploits for database,ssh,ftp.windows and linux. etc.Go through all.
msf >show exploits Exploits ========
You can always filter exploits according to your need.Lets say you want to find an exploit related to ftp just type the following:
msf > search ftp Matching Modules ================ Name Disclosure Date Rank Description ---- --------------- ---- ----------- auxiliary/admin/cisco/vpn_3000_ftp_bypass 2006-08-23 normal Cisco VPN Concentrator 3000 FTP Unauthorized Administrative Access auxiliary/admin/officescan/tmlisten_traversal normal TrendMicro OfficeScanNT Listener Traversal Arbitrary File Access auxiliary/admin/tftp/tftp_transfer_util normal TFTP File Transfer Utility auxiliary/dos/scada/d20_tftp_overflow 2012-01-19 normal General Electric D20ME TFTP Server Buffer Overflow DoS auxiliary/dos/windows/ftp/filezilla_admin_user 2005-11-07 normal FileZilla FTP Server Admin Interface Denial of Service auxiliary/dos/windows/ftp/filezilla_server_port 2006-12-11 normal FileZilla FTP Server Malformed PORT Denial of Service auxiliary/dos/windows/ftp/guildftp_cwdlist 2008-10-12 normal Guild FTPd 0.999.8.11/0.999.14 Heap Corruption auxiliary/dos/windows/ftp/iis75_ftpd_iac_bof 2010-12-21 normal Microsoft IIS FTP Server Encoded Response Overflow Trigger auxiliary/dos/windows/ftp/iis_list_exhaustion 2009-09-03 normal Microsoft IIS FTP Server LIST Stack Exhaustion auxiliary/dos/windows/ftp/solarftp_user 2011-02-22 normal Solar FTP Server Malformed USER Denial of Service auxiliary/dos/windows/ftp/titan626_site 2008-10-14 normal Titan FTP Server 6.26.630 SITE WHO DoS auxiliary/dos/windows/ftp/vicftps50_list 2008-10-24 normal Victory FTP Server 5.0 LIST DoS
Detailed information and usage of specific Exploit
If you want to find detailed information and usage of a specific exploit then type the following command. Just write info and paste or write the exploit name. I have picked ftp_login exploit it looks juicy. This is useful.
msf > info auxiliary/scanner/ftp/ftp_login Name: FTP Authentication Scanner Module: auxiliary/scanner/ftp/ftp_login License: Metasploit Framework License (BSD) Rank: Normal
In order to use an exploit you have to write use and give exploit name that you want to use.
msf > use auxiliary/scanner/ftp/ftp_login msf auxiliary(ftp_login) >
Show options command displays the configurations to set the exploit.Now when we are inside the exploit just type the below command it will show you the options that you need set to run the exploit.
msf auxiliary(ftp_login) > show options
Once you have configured the exploit and are ready to attack.Write the below command to launch exploit
msf auxiliary(ftp_login) > exploit
modify source code of an exploit
You can actually add your own code into the Metasploit's exploit.With the below command you can see and modify the source code of an exploit. This is freaking awesome if you are a programmer what else you need you can a lot.But remember you need to be inside the exploit.
msf auxiliary(ftp_login) > edit
If you want to go one step back then write the back command:
msf auxiliary(ftp_login) > back
Check out all the payloads in Metasploit.
msf > show payloads Payloads ========
Run Nmap commands inside Metasploit
You can run all the nmap commands inside metasploit. Example:
msf > nmap -F linuxxcomputing.com [*] exec: nmap -F linuxxcomputing.com Starting Nmap 6.49BETA4 ( https://nmap.org ) at 2015-12-19 13:19 EST Nmap scan report for linuxxcomputing.com (22.214.171.124) Host is up (0.18s latency). rDNS record for 126.96.36.199: ip-107-180-0-245.ip.secureserver.net Not shown: 86 filtered ports PORT STATE SERVICE 21/tcp open ftp 22/tcp open ssh
Exit command will exit or quit Metasploit.It returns you to the main Linux shell /terminal.
msf > exit
I hope it helped you please share it among your friends.