Metasploit is an advanced hacking tool that comes itself with a complete pack of advanced penetration testing tools. Penetration testers and hackers are taking so much advantage of this tool. It’s a complete hack pack for a hacker that he can play almost any attack with it. Here I am going to discuss basics of metasploit. I am not covering attacks in this article, as I am just making sure to share the basics of metasploit and basic commands of metasploit. So, we can get back to cover attacks of metasploit in the next articles.
Basics of Metasploit
Metasploit framework has three types of working environments.
- msfcli interface
- msfweb interface
However, the most preferred and used is the ‘msfconsole’. It’s a very efficient command line interface that has its own set of commands and system’s working environment.
First of all it’s most important to know and understand all the useful commands of metasploit that are going to be used.
Basic Commands of Metasploit
Password : EHT
Metasploit have a huge number of command that we can use in different type of attacks, but I am just going to share the most used and useful commands here that a beginner can easily understand and follow ’em.
- help (It will give the basic commands you need to launch an exploit.
- search (Finds out the keywords in the selected attack method).
- show exploits (Shows list of available exploit in the selected option).
- show payloads (It lists all the payloads available).
- show options (It helps you to know all the options if you might have forgotten one).
- info (This is used to get information about any exploit or payload).
- use (It tells Metasploit to use the exploit with the specified name).
- set RHOST (Sets the address of specified remote host).
- set RPORT (Sets up port that connect to on the remote host).
- set PAYLOAD (It sets the payload that gives you a shell when a service is exploited).
- set LPORT (Sets the port number that the payload will open on the server when an exploit is exploited).
- exploit (It actually exploits the service).
- rexploit (Reloads your exploit code and then executes the exploit without restarting the console).
These are the most used metasploit commands which comes handy in most of the situations during any sort of attack. You must give all the commands a try and understand ’em how it works and then move to the next part of designing an attack.
Note: Use Virtual Machine and scan on VirusTotal before downloading any program on Host Machine for your privacy.