Chapter 2
unique exploitation when you know exactly which exploit and options you need. It is less forgiving than msfconsole, but it offers some basic help (including usage and a list of modes) with the command msfcli -h, as shown here:
root@bt:/opt/framework3/msf3# msfcli -h
Usage: /opt/framework3/msf3/msfcli <exploit_name> <option=value> [mode]
==============================================================================
    Mode           Description
    ----           ---------------
    (H)elp         You're looking at it, baby!
    (S)ummary      Show information about this module
    (O)ptions      Show available options for this module
    (A)dvanced     Show available advanced options for this module
    (I)DS Evasion  Show available ids evasion options for this module
    (P)ayloads     Show available payloads for this module
    (T)argets      Show available targets for this exploit module
    (AC)tions      Show available actions for this auxiliary module
    (C)heck        Run the check routine of the selected module
    (E)xecute      Execute the selected module
root@bt:/opt/framework3/msf3#
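The usage line and mode table above define a small grammar, which makes recorded msfcli command lines (shell history, session transcripts) easy to review. The parser below is an added example, not code from the book or from Metasploit; the function names, the sample lines marked as constructed, and the two matching assumptions noted in the comments are this example's own.

```python
import shlex

# Mode letters copied from the msfcli -h table.
MODES = {"H": "Help", "S": "Summary", "O": "Options", "A": "Advanced",
         "I": "IDS Evasion", "P": "Payloads", "T": "Targets",
         "AC": "Actions", "C": "Check", "E": "Execute"}
# Per the table, these run module code; the rest only print information.
ACTIVE = {"C", "E"}

def parse_msfcli(line):
    """Parse '<exploit_name> <option=value> [mode]' from a recorded line.
    Returns None when the line is not an msfcli invocation."""
    try:
        tokens = shlex.split(line)
    except ValueError:  # unbalanced quotes in a damaged line
        return None
    # Skip a leading prompt or path: find the token whose basename is msfcli.
    idx = next((i for i, t in enumerate(tokens)
                if t.rsplit("/", 1)[-1] == "msfcli"), None)
    if idx is None:
        return None
    args = tokens[idx + 1:]
    out = {"module": None, "mode": None}
    # Assumption: module names contain "/", as windows/smb/ms08_067_netapi does.
    if args and "/" in args[0] and "=" not in args[0]:
        out["module"] = args.pop(0)
    # Assumption: the trailing mode letter is matched case-insensitively.
    if args and args[-1].upper() in MODES:
        out["mode"] = args.pop().upper()
    out["options"] = dict(a.split("=", 1) for a in args if "=" in a)
    out["unparsed"] = [a for a in args if "=" not in a]
    return out

def active_runs(lines):
    """Return (module, mode name, RHOST) for every Check or Execute run."""
    parsed = [p for p in map(parse_msfcli, lines) if p]
    return [(p["module"], MODES[p["mode"]], p["options"].get("RHOST"))
            for p in parsed if p["mode"] in ACTIVE]

# The first three lines are the page's commands; the last two are constructed.
SAMPLE = [
    "root@bt:/opt/framework3/msf3# msfcli -h",
    "root@bt:/# msfcli windows/smb/ms08_067_netapi O",
    "root@bt:/# msfcli windows/smb/ms08_067_netapi RHOST=192.168.1.155 P",
    "root@bt:/# msfcli windows/smb/ms08_067_netapi RHOST=192.0.2.10 E",
    "root@bt:/# ls -la /opt/framework3",
]

if __name__ == "__main__":
    print(active_runs(SAMPLE))
```

Anything left in the "unparsed" list (such as the -h flag) did not fit the usage string and is worth a manual look.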
Sample Usage
Let’s take a look at how you might use msfcli. Don’t worry about the details; these examples are intended to give you a sense of how you might work with this interface.
When you are first learning Metasploit or whenever you get stuck, you can see the options available in a module by appending the letter O to the end of the string at whichever point you are stuck. For example, in the following listing, we use the O to see the options available for the ms08_067_netapi module:
root@bt:/# msfcli windows/smb/ms08_067_netapi O
[*] Please wait while we load the module tree...
    Name     Current Setting  Required  Description
    ----     ---------------  --------  -----------
    RHOST    0.0.0.0          yes       The target address
    RPORT    445              yes       Set the SMB service port
    SMBPIPE  BROWSER          yes       The pipe name to use (BROWSER, SRVSVC)
You can see that the module requires three options: RHOST, RPORT, and SMBPIPE. Now, by adding a P, we can check for available payloads:
root@bt:/# msfcli windows/smb/ms08_067_netapi RHOST=192.168.1.155 P
[*] Please wait while we load the module tree...