Hack Like a Pro: Metasploit for the Aspiring Hacker, Part 2 (Keywords)


Welcome back, my rookie hackers!

I recently began a series on using Metasploit, and my goal with it is to teach you the very basics the incredibly powerful hacking tool has to offer while progressively moving on to the more advanced features.

In my first Metasploit installment, I showed you the various ways you can use Metasploit, from the msfcli to the msfconsole to the GUI-based Armitage. In addition, I gave an overview of the various modules, including exploits, payloads, and encoders. Finally, we looked at some of the basic searching capabilities built right into Metasploit to help you find specific exploits, payloads, post-exploitation modules, scanners, encoders, etc.

In this second tutorial, we will look at some of the basic commands we can use in Metasploit. Although the Metasploit framework can appear daunting to the uninitiated, it is actually a very simple framework for system exploitation. If you can learn a few keywords and techniques, you can use Metasploit to hack just about any system.

Metasploit Keywords

Understanding and using a few keywords in Metasploit can help you navigate and operate this powerful piece of software. Let’s look at a few of the most basic and necessary Metasploit commands. This is far from an exhaustive list of Metasploit keywords and commands, but it covers the basic commands you need to function in Metasploit until you gain more experience.

If you already have a little experience in Metasploit and want commands for the meterpreter, check out my meterpreter commands cheat sheet.

1. Show

“Show” is one of the most basic commands in Metasploit. It can be used to show modules, such as show payloads, show exploits, etc. But, it also can be used to show options once we have an exploit chosen.

The “show” command becomes context sensitive when we choose an exploit, so that if we type “show payloads” before selecting an exploit, it will show us ALL the payloads. If we type “show payloads” after selecting an exploit, it will only show us the payloads that will work with that exploit.

For instance, when we want to see all the options that we need to set when installing a backdoor with an innocent-looking PDF, we use the “show options” command as below.

2. Help

The “help” command will give you a limited list of commands you can use in msfconsole. If you lose this guide, simply type “help” to get some basic commands.

3. Info

“Info” is another basic command in Metasploit that enables us to see all the basic information about an exploit. After selecting an exploit, we can then type “info” and it will display all of the options, targets, and a description for the exploit. I prefer to type “info” on any exploit I am using to find or remind myself of its features and requirements.

For instance, here is a screenshot of the output from the “info” command when using the ftp auxiliary module.

4. Set

“Set” is a basic and critical command/keyword in Metasploit. We can use it to set parameters and variables necessary to run the exploit. These variables can include the payload, the RHOST, the LHOST, the target, URIPATH, etc.

In the screenshot below from my tutorial on using psexec to hack a system, we set RHOST, LHOST, SMBUser, and the SMBPass to hack the system without leaving a trace.

5. Back

When we are done working with a particular module or we chose the wrong module, we can use the “back” command to return to the msfconsole prompt.

For instance, if we chose an exploit and then realized we chose the wrong one, we can simply type “back” and then use the “use” command (see next section) to select another module.

6. Use

When we have decided which exploit we want to use against our target system, we use the “use” command to load that exploit into memory and ready it to send to the target system. An example can be found in my tutorial on using the Heartbleed vulnerability to grab information in memory from systems running OpenSSL.

7. Exploit

After choosing our exploit, setting all of our variables, and choosing our payload, the last thing we do is to type the “exploit” command. This launches the exploit against the target machine with the payload and any variables we might have set.

An example of this can be found in my guide on creating an exploit in an innocent-looking Word doc and sending it to your girlfriend to see whether or not she is cheating.

8. Sessions

The “sessions” command is used to list or select a session. When used with the -l (list) switch, it will list all open sessions. When used with the -i (interact) switch and a session number (“sessions -i 1”), it tells Metasploit to activate that session, here the first one.

Metasploit allows us to run multiple sessions on the same system or multiple sessions on multiple systems. Using the “sessions” command, we can find these open sessions and switch to or activate them.

You can find an example of this in my guide on creating an auto-reconnecting persistent backdoor on the target system, as seen below.

9. Exit

When we want to leave the msfconsole, we can simply type “exit” to return to our Linux shell.

This should provide you with a basic command set that will enable you to run just about any hack in Metasploit. In future tutorials, we will look at the types of payloads, advanced commands, using global variables, advanced Meterpreter techniques, and ultimately, developing our own exploit.

Keep coming back, my rookie hackers!
