Using metasploit kali linux

Tool Documentation:

One of the best sources of information on using the Metasploit Framework is Metasploit Unleashed, a free online course created by OffSec. Metasploit Unleashed guides you from the absolute basics of Metasploit all the way through to advanced topics.

Packages and Binaries:

metasploit-framework

The Metasploit Framework is an open source platform that supports vulnerability research, exploit development, and the creation of custom security tools.

Installed size: 475.87 MB
How to install: sudo apt install metasploit-framework

  • bundler
  • curl
  • gcc-mingw-w64-i686-win32
  • gcc-mingw-w64-x86-64-win32
  • git
  • john
  • libc6
  • libffi8
  • libgcc-s1
  • libpcap0.8
  • libpq5
  • libruby3.1
  • libsqlite3-0
  • libssl3
  • libstdc++6
  • nasm
  • nmap
  • openssl
  • oracle-instantclient-basic
  • postgresql
  • python3
  • rake
  • ruby
  • ruby-json
  • wget
msf-egghunter
[email protected]:~# msf-egghunter -h Usage: msf-egghunter [options] Example: msf-egghunter -f python -e W00T Specific options: -f, --format See --list-formats for a list of supported output formats -b, --badchars (Optional) Bad characters to avoid for the egg -e, --egg The egg (Please give 4 bytes) -p, --platform (Optional) Platform --startreg (Optional) The starting register --forward (Optional) To search forward --depreg (Optional) The DEP register --depdest (Optional) The DEP destination --depsize (Optional) The DEP size --depmethod (Optional) The DEP method to use (virtualprotect/virtualalloc/copy/copy_size) -a, --arch (Optional) Architecture --list-formats List all supported output formats -v, --var-name (Optional) Specify a custom variable name to use for certain output formats -h, --help Show this message 
msf-exe2vba
[email protected]:~# msf-exe2vba -h Usage: msf-exe2vba [exe] [vba] 
msf-exe2vbs
[email protected]:~# msf-exe2vbs -h Usage: msf-exe2vbs [exe] [vbs] 
msf-find_badchars
[email protected]:~# msf-find_badchars -h Usage: msf-find_badchars OPTIONS: -b The list of characters to avoid: '\x00\xff' -h Help banner -i Read memory contents from the supplied file path -t The format that the memory contents are in (empty to list) 
msf-halflm_second
[email protected]:~# msf-halflm_second -h Usage: msf-halflm_second OPTIONS: -h Display this help information -n The encypted LM hash to crack -p The decrypted LANMAN password for bytes 1-7 -s The server challenge (default value 1122334455667788) 
msf-hmac_sha1_crack
[email protected]:~# msf-hmac_sha1_crack -h Usage: msf-hmac_sha1_crack hashes.txt The format of hash file is ::
msf-java_deserializer
[email protected]:~# msf-java_deserializer -h Usage: msf-java_deserializer [option] -a, --array=ID Print detailed information about content array -o, --object=ID Print detailed information about content object -h, --help Prints this help 
msf-jsobfu
[email protected]:~# msf-jsobfu -h Usage: msf-jsobfu [options] Specific options: -t, --iteration Number of times to obfuscate the JavaScript -i, --input The JavaScript file you want to obfuscate (default=1) -o, --output Save the obfuscated file as -p id1,id2, The identifiers to preserve --preserved-identifiers -h, --help Show this message 
msf-makeiplist
msf-md5_lookup
[email protected]:~# msf-md5_lookup -h Usage: msf-md5_lookup [options] Specific options: -i, --input The file that contains all the MD5 hashes (one line per hash) -d, --databases (Optional) Select databases: all, authsecu, i337, md5_my_addr, md5_net, md5crack, md5cracker, md5decryption, md5online, md5pass, netmd5crack, tmto (Default=all) -o, --out (Optional) Save the results to a file (Default=md5_results.txt) -h, --help Show this message 
msf-metasm_shell
[email protected]:~# msf-metasm_shell -h Usage: msf-metasm_shell OPTIONS: -a The architecture to encode as (ARM, Ia32, MIPS, X86_64) -e The endianess to encode as (big, little) -h Display this help information 
msf-msf_irb_shell
msf-nasm_shell
[email protected]:~# msf-nasm_shell -h 0 bits not supported 
msf-pattern_create
[email protected]:~# msf-pattern_create -h Usage: msf-pattern_create [options] Example: msf-pattern_create -l 50 -s ABC,def,123 Ad1Ad2Ad3Ae1Ae2Ae3Af1Af2Af3Bd1Bd2Bd3Be1Be2Be3Bf1Bf Options: -l, --length The length of the pattern -s, --sets Custom Pattern Sets -h, --help Show this message 
msf-pattern_offset
[email protected]:~# msf-pattern_offset -h Usage: msf-pattern_offset [options] Example: msf-pattern_offset -q Aa3A [*] Exact match at offset 9 Options: -q, --query Aa0A Query to Locate -l, --length The length of the pattern -s, --sets Custom Pattern Sets -h, --help Show this message 
msf-pdf2xdp
[email protected]:~# msf-pdf2xdp -h Usage: msf-pdf2xdp input.pdf output.xdp 
msf-virustotal
[email protected]:~# msf-virustotal -h Usage: msf-virustotal [options] Specific options: -k (Optional) Virusl API key to use -d (Optional) Number of seconds to wait for the report -q (Optional) Do a hash search without uploading the sample -f Files to scan Common options: -h, --help Show this message 
msfconsole

Metasploit Framework Console

[email protected]:~# msfconsole -h Usage: msfconsole [options] Common options: -E, --environment ENVIRONMENT Set Rails environment, defaults to RAIL_ENV environment variable or 'production' Database options: -M, --migration-path DIRECTORY Specify a directory containing additional DB migrations -n, --no-database Disable database support -y, --yaml PATH Specify a YAML file containing database settings Framework options: -c FILE Load the specified configuration file -v, -V, --version Show version Module options: --defer-module-loads Defer module loading unless explicitly asked -m, --module-path DIRECTORY Load an additional module path Console options: -a, --ask Ask before exiting Metasploit or accept 'exit -y' -H, --history-file FILE Save command history to the specified file -l, --logger STRING Specify a logger to use (Flatfile, Stderr, Stdout, StdoutWithoutTimestamps, TimestampColorlessFlatfile) --[no-]readline -L, --real-readline Use the system Readline library instead of RbReadline -o, --output FILE Output to the specified file -p, --plugin PLUGIN Load a plugin on startup -q, --quiet Do not print the banner on startup -r, --resource FILE Execute the specified resource file (- for stdin) -x, --execute-command COMMAND Execute the specified console commands (use ; for multiples) -h, --help Show this message 
msfd
[email protected]:~# msfd -h Usage: msfd OPTIONS: -a Bind to this IP address instead of loopback -A Specify list of hosts allowed to connect -D Specify list of hosts not allowed to connect -f Run the daemon in the foreground -h Help banner -p Bind to this port instead of 55554 -q Do not print the banner on startup -s Use SSL 
msfdb
[email protected]:~# msfdb -h Manage the metasploit framework database You can use an specific port number for the PostgreSQL connection setting the PGPORT variable in the current shell. Example: PGPORT=5433 msfdb init msfdb init # start and initialize the database msfdb reinit # delete and reinitialize the database msfdb delete # delete database and stop using it msfdb start # start the database msfdb stop # stop the database msfdb status # check service status msfdb run # start the database and run msfconsole 
msfrpc
[email protected]:~# msfrpc -h Usage: msfrpc OPTIONS: -a Connect to this IP address -h Help banner -p Connect to the specified port instead of 55553 -P Specify the password to access msfrpcd -S Disable SSL on the RPC socket -U Specify the username to access msfrpcd 
msfrpcd
[email protected]:~# msfrpcd -h Usage: msfrpcd OPTIONS: -a Bind to this IP address (default: 0.0.0.0) -c (JSON-RPC) Path to certificate (default: /root/.msf4/msf-ws-cert.pem) -f Run the daemon in the foreground -h Help banner -j (JSON-RPC) Start JSON-RPC server -k (JSON-RPC) Path to private key (default: /root/.msf4/msf-ws-key.pem) -n Disable database -p Bind to this port (default: 55553) -P Specify the password to access msfrpcd -S Disable SSL on the RPC socket -t Token Timeout seconds (default: 300) -U Specify the username to access msfrpcd -u URI for Web server -v (JSON-RPC) SSL enable verify (optional) client cert requests 
msfupdate
[email protected]:~# msfupdate -h msfupdate is no longer supported when Metasploit is part of the operating system. Please use 'apt update; apt install metasploit-framework' 
msfvenom

Payload Generator and Encoder

[email protected]:~# msfvenom -h MsfVenom - a Metasploit standalone payload generator. Also a replacement for msfpayload and msfencode. Usage: /usr/bin/msfvenom [options] Example: /usr/bin/msfvenom -p windows/meterpreter/reverse_tcp LHOST= -f exe -o payload.exe Options: -l, --list List all modules for [type]. Types are: payloads, encoders, nops, platforms, archs, encrypt, formats, all -p, --payload Payload to use (--list payloads to list, --list-options for arguments). Specify '-' or STDIN for custom --list-options List --payload 's standard, advanced and evasion options -f, --format Output format (use --list formats to list) -e, --encoder The encoder to use (use --list encoders to list) --service-name The service name to use when generating a service binary --sec-name The new section name to use when generating large Windows binaries. Default: random 4-character alpha string --smallest Generate the smallest possible payload using all available encoders --encrypt The type of encryption or encoding to apply to the shellcode (use --list encrypt to list) --encrypt-key A key to be used for --encrypt --encrypt-iv An initialization vector for --encrypt -a, --arch The architecture to use for --payload and --encoders (use --list archs to list) --platform The platform for --payload (use --list platforms to list) -o, --out Save the payload to a file -b, --bad-chars Characters to avoid example: '\x00\xff' -n, --nopsled Prepend a nopsled of [length] size on to the payload --pad-nops Use nopsled size specified by -n as the total payload size, auto-prepending a nopsled of quantity (nops minus payload length) -s, --space The maximum size of the resulting payload --encoder-space The maximum size of the encoded payload (defaults to the -s value) -i, --iterations The number of times to encode the payload -c, --add-code Specify an additional win32 shellcode file to include -x, --template Specify a custom executable file to use as a template -k, --keep Preserve the --template behaviour and inject the payload as a new thread -v, --var-name Specify a custom variable name to use for certain output formats -t, --timeout The number of seconds to wait when reading the payload from STDIN (default 30, 0 to disable) -h, --help Show this message 

Источник

Читайте также:  Custom vkp 80 linux
Оцените статью
Adblock
detector