Msfconsole

From Metasploit Unleashed
Jump to: navigation, search

The msfconsole is probably the most popular interface to the MSF. It provides an "all-in-one" centralized console and allows you efficient access to virtually all of the options available in the Metasploit Framework. Msfconsole may seem intimidating at first, but once you learn the syntax of the commands you will learn to appreciate the power of utilizing this interface.


Benefits

  • It is the only supported way to access most of the features within Metasploit.
  • Provides a console-based interface to the framework
  • Contains the most features and is the most stable MSF interface
  • Full readline support, tabbing, and command completion
  • Execution of external commands in msfconsole is possible:


msf > ping -c 1 192.168.1.100
[*] exec: ping -c 1 192.168.1.100

PING 192.168.1.100 (192.168.1.100) 56(84) bytes of data.
64 bytes from 192.168.1.100: icmp_seq=1 ttl=128 time=10.3 ms

--- 192.168.1.100 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 10.308/10.308/10.308/0.000 ms
msf >


Launching

The msfconsole is launched by simply running msfconsole from the command line. msfconsole is located in the /usr/share/metasploit-framework/msfconsole directory.

root@kali:# msfconsole

                ##                          ###           ##    ##
##  ##  #### ###### ####  #####   #####    ##    ####        ######
####### ##  ##  ##  ##         ## ##  ##    ##   ##  ##   ###   ##
####### ######  ##  #####   ####  ##  ##    ##   ##  ##   ##    ##
## # ##     ##  ##  ##  ## ##      #####    ##   ##  ##   ##    ##
##   ##  #### ###   #####   #####     ##   ####   ####   #### ###
                                     ##


       =[ metasploit v4.8.2-2014021901 [core:4.8 api:1.0] ]
+ -- --=[ 1265 exploits - 695 auxiliary - 202 post ]
+ -- --=[ 330 payloads - 32 encoders - 8 nops      ]


msf >


Help

You can pass -h to msfconsole to see the other usage options available to you.

root@kali:~# msfconsole -h
Usage: msfconsole [options]

Specific options:
    -d                               Execute the console as defanged
    -r                     Execute the specified resource file
    -o                     Output to the specified file
    -c                     Load the specified configuration file
    -m                    Specifies an additional module search path
    -p                       Load a plugin on startup
    -y, --yaml         Specify a YAML file containing database settings
    -M, --migration-path        Specify a directory containing additional DB migrations
    -e ,     Specify the database environment to load from the YAML
        --environment
    -v, --version                    Show version
    -L, --real-readline              Use the system Readline library instead of RbReadline
    -n, --no-database                Disable database support
    -q, --quiet                      Do not print the banner on start up
    -x                      Execute the specified string as console commands (use ; for multiples)

Common options:
    -h, --help                       Show this message

Entering help or a ? once in the msf command prompt will display a listing of available commands along with a description of what they are used for.

msf > help

Core Commands
=============

    Command       Description
    -------       -----------
    ?             Help menu
    back          Move back from the current context
    banner        Display an awesome metasploit banner
    cd            Change the current working directory
    color         Toggle color
    connect       Communicate with a host
    exit          Exit the console
    help          Help menu
    info          Displays information about one or more module
    irb           Drop into irb scripting mode
    jobs          Displays and manages jobs
    kill          Kill a job
    load          Load a framework plugin
    loadpath      Searches for and loads modules from a path
    makerc        Save commands entered since start to a file
    quit          Exit the console
    reload_all    Reloads all modules from all defined module paths
    resource      Run the commands stored in a file
...snip...


Tab Completion

The msfconsole is designed to be fast to use and one of the features that helps this goal is tab completion. With the wide array of modules available, it can be difficult to remember the exact name and path of the particular module you wish to make use of. As with most other shells, entering what you know and pressing 'Tab' will present you with a list of options available to you or auto-complete the string if there is only one option. Tab completion depends on the ruby readline extension and nearly every command in the console supports tab completion.

  • use exploit/windows/dce
  • use .*netapi.*
  • set LHOST
  • show
  • set TARGET
  • set PAYLOAD windows/shell/
  • exp


msf > use exploit/windows/smb/ms
use exploit/windows/smb/ms03_049_netapi
use exploit/windows/smb/ms04_007_killbill
use exploit/windows/smb/ms04_011_lsass
use exploit/windows/smb/ms04_031_netdde
use exploit/windows/smb/ms05_039_pnp
use exploit/windows/smb/ms06_025_rasmans_reg
use exploit/windows/smb/ms06_025_rras
use exploit/windows/smb/ms06_040_netapi
use exploit/windows/smb/ms06_066_nwapi
use exploit/windows/smb/ms06_066_nwwks
use exploit/windows/smb/ms06_070_wkssvc
use exploit/windows/smb/ms07_029_msdns_zonename
use exploit/windows/smb/ms08_067_netapi
use exploit/windows/smb/ms09_050_smb2_negotiate_func_index
use exploit/windows/smb/ms10_061_spoolss
msf > use exploit/windows/smb/ms08_067_netapi