Metasploit for beginners InfosecAddicts

Metasploit in a framework that every hacker should know, and besides that, it is a great help to perform tests. In this publication, we will work with all the commands to make it easier for you to work with them. In addition to that, I also perform some tests so that you know the power of this tool.

The first thing we have to do is open a Linux terminal and write $ msfconsole

If the result is something similar to the following image, then that means that Metasploit is correctly installed.

Core Commands:

help: Display the summary of commands that can be used in msfconsole.

banner: Change and display banner in msfconsole.

cd: Change the current working directory.

get: Gets the value of a context-specific variable

set: This command allows you to configure Framework options and parameters for the current module that is selected on the console.

unset: It removes a parameter previously configured with set

unsetg: It removes a global variable inside msfconsole

connect: netcat like function to connect to a host machine build into msfconsole.

exit: Exit the Metasploit console.

getg: Gets the value of global variable

grep: It matches a given pattern from the output of another msfconsole command

history: Shows command that are previously used in Metasploit

irb: Opens a live ruby interactive shell

load: Loads a Metasploit plugin

quit: Exit the Metasploit console

route: It allows you to route sockets through a session or ‘comm’, providing basic pivoting capabilities

save: This command allows you to save your current environment and settings

sessions: This command allows you to list, interact, and kill spawned sessions

setg: This command is used to set global variables within msfconsole

sleep: Do nothing for the specified number of seconds

spool: It allows a user to save the output of Metasploit console to a specified file

threads: View and manipulate background threads

unload: unloads a previously loaded plugin and removes any extended commands

version: Show the framework and console library version numbers


Module Commands:

use: It is used to select a particular module.

show: This command displays modules of a given type, or display all modules.

options: It shows you the available parameters for an exploit.

back: Once you have finished working with a particular module, or if you inadvertently select the wrong module, you can issue the back command to move out of the current context.

advanced: It is used to further fine-tune a module, ‘show advanced’ displays a more advanced option for a module.

info: It provides detailed information about a particular module including all options, targets, and other information.

search: It searchers module names and descriptions

loadpath: It loads a third-party module tree for the path.

popm: It pops the pushed module from the top of the module stack.

previous: It sets the previously loaded module as the current module.

pushm: This command pushes the current module on to the stack.

reload_all: It reloads all modules from all defined module paths.


I advise you to learn all the above commands so you can plan and carry out the attacks or tests correctly.

If you are very interested in learning more about this topic, it leaves you a list of related courses.


Related courses:

Ultimate Hacklab Self Paced

Try Certified Ethical Hacker for FREE!!!





Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.