Metasploit Framework Cheat Sheet

Uploaded by Danijel Hanžek

METASPLOIT CHEAT SHEET
From Novice to Ninja: Your Ultimate Cheat Sheet Companion!
VIEH GROUP

Metasploit Cheat Sheet

Basic Commands:
`msfconsole`: Launch the Metasploit console.
`msfupdate`: Update Metasploit to the latest version.
`help` or `?`: Display help information.
`exit` or `quit`: Exit the Metasploit console.

Module Basics:
`use [module]`: Select a specific module.
`show options`: Display options for the selected module.
`set [option] [value]`: Set values for module options.
`exploit` or `run`: Execute the selected module.

Social Media: viehgroup www.viehgroup.com [email protected]


Payloads:
`show payloads`: Display available payloads.
`set payload [payload]`: Set the payload for the exploit.
`show options`: Display payload options.
`generate`: Generate the payload.

Exploits:
`search [keyword]`: Search for modules.
`info [module]`: Display information about a module.
`use [exploit]`: Select an exploit module.
`show exploits`: Display available exploits.

Post-Exploitation (Meterpreter):
After successful exploitation, you may get a Meterpreter shell.
Common Meterpreter Commands:
`help`: Display Meterpreter command help.
`sysinfo`: Show system information.
`getuid`: Display the user ID.
`ps`: List running processes.
`shell`: Open a command shell on the target.

Database Integration:
`db_status`: Check the status of the database.
`db_connect [options]`: Connect Metasploit to a database.
`db_import [path]`: Import scan results into the database.
`db_nmap [options]`: Run Nmap and store results in the database.

Meterpreter Post-Exploitation Modules:
`use [module]`: Select a Meterpreter post-exploitation module.
`show options`: Display options for the selected module.
`run`: Execute the selected post-exploitation module.

Resource Script:
Create a text file with Metasploit commands (e.g., `exploit.rc`).
Use `resource [filename]` to run the commands in the script.

Meterpreter Scripts:
Meterpreter scripts are available in the `scripts/meterpreter` directory.
Use `run [script]` to execute a Meterpreter script.

Custom Exploits & Payloads:
Creating a custom payload:
`msfvenom -p [payload] [options] -f [format] -o [output]`

Custom Exploit Modules:
Create a new exploit module using the Metasploit framework language.
Refer to the Metasploit documentation for details on writing modules.

Advanced Exploitation:

Exploit Options:
Explore advanced exploit options such as AdvancedOptions, TARGETURI, and HTTP::host.

Exploit Modes:
Utilize different exploit modes, e.g., `check`, `exploit`, and `run -j`.

Powershell Scripting:
Use the `powershell` command within Meterpreter for PowerShell scripting.

Privilege Escalation:
Explore modules like `local_exploit_suggester` for local privilege escalation.
Use `getsystem` or `rev2self` for escalating privileges.

Database Integration:
Use the database to store information about targets, sessions, and loot.

Reporting:
Generate reports using tools like Metasploit Pro or by exporting data from the database.

Resource Scripts:
Create complex resource scripts to automate multiple tasks.

Ruby Scripting:
Leverage the power of Ruby scripting for advanced automation and customization.

Post Modules:
Explore post-exploitation modules for gathering information and maintaining access.
Examples: `post/multi/gather/enum_domain_users`, `post/windows/gather/credentials/wdigest`

Payload Obfuscation:
Obfuscate payloads to evade antivirus detection.
Example: `msfvenom -p [payload] -e [encoder]`.

Browser Exploitation:
Utilize modules for client-side attacks, e.g., browser-based exploits.
Example: `use exploit/windows/browser/ms14_064_ole_code_execution`.

Port Forwarding:
Use modules like `auxiliary/server/socks4a` for port forwarding.
Establish routes between networks using `route`.

Password Hash Dumping:
Use modules like `post/windows/gather/credentials/credential_collector` to dump password hashes.
Crack password hashes using tools like John the Ripper or Hashcat.

Run Nmap from Metasploit:
`db_nmap -sV -p- [target]`
`-sV`: Service version detection.
`-p-`: Scan all ports.
`[target]`: Target IP address or range.

Importing Nmap Results:
`db_import /path/to/nmap_scan.xml`

Exploiting Specific Service Versions:
Use `search` to find exploits for a specific service version identified by Nmap.
`search type:exploit service:[service] version:[version]`
Replace `[service]` and `[version]` with the identified service and version.

Use Nmap NSE Scripts:
`nmap -p [port] --script [script] [target]`
`-p [port]`: Specify the port.
`--script [script]`: Run a specific NSE script.
`[target]`: Target IP address.

Combine Nmap Scan with Metasploit Exploitation:
Example Workflow:
1. Run an Nmap scan: `db_nmap -sV -p- [target]`
2. Import results: `db_import /path/to/nmap_scan.xml`
3. Search for exploits: `search type:exploit service:[service] version:[version]`
4. Select and use an exploit module: `use [exploit]`
5. Set options and execute the exploit: `set RHOSTS [target]`, `run`

Advanced Nmap Techniques:
Use incremental scanning to evade detection.
`nmap -p 1-65535 -T4 -A -oX incremental_scan.xml --min-rate=1000 [target]`

Nmap and Metasploit Collaboration:
Automate Nmap Scans in Metasploit:
Utilize the `db_autopwn` command to automate the process of exploiting services discovered by Nmap.

Cleanup:
`sessions -l`: List active sessions.
`sessions -i [ID]`: Interact with a specific session.
`sessions -k [ID]`: Terminate a specific session.
`jobs -K`: Kill all background jobs.
