Have you forgotten a few metasploit commands? It’s common, and we’ve compiled an action-packed cheatsheet for your metasploit adventures.
Once you’ve finished working with a module, search or any internals you can simply write “back” and be taken to the main menu.
If you’re currently in a session and don’t want to exit, you can write “bg” or “background”, and your session will be backgrounded.
You can list your sessions using sessions -l, and recover one using it’s id by running: sessions -i $ID, swapping $ID as necessary.
Once you’ve got a module loaded using the “use” command, you can show what options it requires by typing: show options.
If you want to check if the target is vulnerable without exploiting it, you can run check once you’ve set your options, and the metasploit module will try to check if the target is vulnerable.
Need to search for an exploit? Just use the search command. If you’re trying to find local exploits on a target box once a shell has been started, you can run exploit suggester from metasploit directly.
Remember, you can search by a variety of types, for example if you wanted any AIX exploits, you can run: search platform:aix, or, if you wanted anything named mysql: search name:mysql, or by a specific author — you can do that too.
You can also chain these search elements together, for example: search author:bsmith platform:linux
That’s our quick and dirty cheatsheet to metasploit console commands.
Written by: Mike