MSF Command Categories
Core Commands
Module Commands
Job Commands
Resource Script Comamnds
Database Backend Commands
Credentials Backend Commands
Developer Commands
Workspaces
logically seperate different pen tests
Modules
encoders
nops
exploits
payloads
auxilary
post
plugins
info
options
Auxiliary Modules
Might be handy to obtain versions of running software, e.g.:
auxiliary/scanner/smb/smb_version
Staged vs non-staged payloads
staged:
first payload is small, connects back to attacker to load the actual payload
pros: small; might evade AV
cons: instable
non-staged:
“all-in-one-payload”
pros: more stable
cons: bigger
Meterpreter payload
multi-function payload
encrypted
fully in memory
opens meterpreter shell
sysinfo
getuid
shell
getsysteme
Zuletzt geändertvor einem Jahr