- After installation, initialize the MSF database for the first time with
- Start the database, check whether it is running, or stop it
sudo msfdb start
sudo msfdb status
sudo msfdb stop
- Search by module type along with a keyword
search type:post -S "firefox"
use exploit/path/to/exploit
- Singles
- Singles are payloads that are self-contained and completely standalone. These can be as simple as running calc.exe, adding a user to the system, or deleting a file. Since single payloads are self-contained, they can be caught with non-Metasploit handlers such as netcat.
- Stager
- Stagers are payloads that set up a network connection between victim and attacker and download additional components or applications. A typical example is the reverse_tcp stager, which makes the victim system set up a TCP connection to the attacker. Another example is the bind_tcp stager, which makes the victim open a TCP listener to which the attacker then connects.
- Stages
- Stages are payload components that are downloaded by a stager. These payloads provide advanced features with no size limits. Examples include a simple shell, VNC Injection, the iPhone 'ipwn' shell, and Meterpreter.
- In Metasploit, the type of payload can be deduced from its name.
- Single payloads have the format
<target> / <single>
- Stager/Stage payloads have the format
<target> / <stage> / <stager>
- When executing the show payloads command in Metasploit, it shows a list of compatible payloads (or all payloads when not executed in the context of a module).
set payload path/to/payload
run
exploit
#either will work