Metasploit for beginners
Ruben Dario Caravajal Herrera
Metasploit in a framework that every hacker should know, and besides that, it is a great help to perform tests. In this publication, we will work with all the commands to make it easier for you to work with them. In addition to that, I also perform some tests so that you know the power of this tool.
The first thing we have to do is open a Linux terminal and write $ msfconsole
If the result is something similar to the following image, then that means that Metasploit is correctly installed.
Core Commands:
help: Display the summary of commands that can be used in msfconsole.
banner: Change and display banner in msfconsole.
cd: Change the current working directory.
get: Gets the value of a context-specific variable
set: This command allows you to configure Framework options and parameters for the current module that is selected on the console.
unset: It removes a parameter previously configured with set
unsetg: It removes a global variable inside msfconsole
connect: netcat like function to connect to a host machine build into msfconsole.
exit: Exit the Metasploit console.
getg: Gets the value of global variable
grep: It matches a given pattern from the output of another msfconsole command
history: Shows command that are previously used in Metasploit
irb: Opens a live ruby interactive shell
load: Loads a Metasploit plugin
quit: Exit the Metasploit console
route: It allows you to route sockets through a session or ‘comm’, providing basic pivoting capabilities
save: This command allows you to save your current environment and settings
sessions: This command allows you to list, interact, and kill spawned sessions
setg: This command is used to set global variables within msfconsole
sleep: Do nothing for the specified number of seconds
spool: It allows a user to save the output of Metasploit console to a specified file
threads: View and manipulate background threads
unload: unloads a previously loaded plugin and removes any extended commands
version: Show the framework and console library version numbers
Module Commands:
use: It is used to select a particular module.
show: This command displays modules of a given type, or display all modules.
options: It shows you the available parameters for an exploit.
back: Once you have finished working with a particular module, or if you inadvertently select the wrong module, you can issue the back command to move out of the current context.
advanced: It is used to further fine-tune a module, ‘show advanced’ displays a more advanced option for a module.
info: It provides detailed information about a particular module including all options, targets, and other information.
search: It searchers module names and descriptions
loadpath: It loads a third-party module tree for the path.
popm: It pops the pushed module from the top of the module stack.
previous: It sets the previously loaded module as the current module.
pushm: This command pushes the current module on to the stack.
reload_all: It reloads all modules from all defined module paths.
I advise you to learn all the above commands so you can plan and carry out the attacks or tests correctly.
If you are very interested in learning more about this topic, it leaves you a list of related courses.
Related courses:
Try Certified Ethical Hacker for FREE!!!
[ihc-select-level]
References:
https://www.metasploit.com/
https://en.wikipedia.org/wiki/Metasploit_Project
https://www.computerworld.com.au/article/659228/what-metasploit-how-use-popular-hacking-tool/
