root@kali:~# msfconsole[-]***rting thE Metasploit Framework console...\
[-]* WARNING: No database support: could not connect to server: Connection refused
Is the server running on host "localhost"(::1)and accepting
TCP/IP connections on port 5432?
could not connect to server: Connection refused
Is the server running on host "localhost"(127.0.0.1)and accepting
TCP/IP connections on port 5432?
[-]***=[ metasploit v5.0.80-dev ]+----=[1983 exploits -1088 auxiliary -339 post ]+----=[559 payloads -45 encoders -10 nops ]+----=[7 evasion ]
Metasploit tip: Enable HTTP request and response logging withset HttpTrace true
msf5 >
访问MSF终端的帮助文件help+metasploit命令
#查看connect命令
msf5 >help connect
Usage: connect [options]<host><port>
Communicate with a host, similar to interacting via netcat, taking advantage of
any configured session pivoting.
OPTIONS:-C Try to use CRLF for EOL sequence.-P <opt> Specify source port.-S <opt> Specify source address.-c <opt> Specify which Comm to use.-h Help banner.-i <opt> Send the contents of a file.-p <opt> List of proxies to use.-s Connect with SSL.-u Switch to a UDP socket.-w <opt> Specify connect timeout.-z Just try to connect, then return.
msf5 >
root@kali:~# msfvenom -h
MsfVenom - a Metasploit standalone payload generator.
Also a replacement for msfpayload and msfencode.
Usage:/usr/bin/msfvenom [options]<var=val>
Example:/usr/bin/msfvenom -p windows/meterpreter/reverse_tcp LHOST=<IP>-f exe -o payload.exe
Options:-l,--list<type> List all modules for[type]. Types are: payloads, encoders, nops, platforms, archs, encrypt, formats,all-p,--payload <payload> Payload to use (--list payloads to list,--list-options for arguments). Specify '-'or STDIN for custom
--list-options List --payload <value>'s standard, advanced and evasion options
-f,--format<format> Output format(use --list formats to list)-e,--encoder <encoder> The encoder to use (use --list encoders to list)--sec-name <value> The new section name to use when generating large Windows binaries. Default: random 4-character alpha string
--smallest Generate the smallest possible payload using all available encoders
--encrypt <value> The type of encryption or encoding to apply to the shellcode (use --list encrypt to list)--encrypt-key <value> A key to be used for--encrypt
--encrypt-iv <value> An initialization vector for--encrypt
-a,--arch <arch> The architecture to use for--payload and--encoders (use --list archs to list)--platform <platform> The platform for--payload (use --list platforms to list)-o,--out <path> Save the payload to a file-b,--bad-chars <list> Characters to avoid example:'\x00\xff'-n,--nopsled <length> Prepend a nopsled of [length] size on to the payload
--pad-nops Use nopsled size specified by -n <length>as the total payload size, auto-prepending a nopsled of quantity (nops minus payload length)-s,--space <length> The maximum size of the resulting payload
--encoder-space <length> The maximum size of the encoded payload (defaults to the -s value)-i,--iterations <count> The number of times to encode the payload
-c,--add-code <path> Specify an additional win32 shellcode file to include
-x,--template <path> Specify a custom executable file to use as a template
-k,--keep Preserve the --template behaviour and inject the payload as a new thread
-v,--var-name <value> Specify a custom variable name to use for certain output formats
-t,--timeout <second> The number of seconds to wait when reading the payload from STDIN (default 30,0 to disable)-h,--help Show this message
查看某个攻击载荷模块的配置选项,采用payload-options即可。
root@kali:~# msfvenom -p windows/shell_reverse_tcp --payload-options
Error: Invalid option
MsfVenom - a Metasploit standalone payload generator.
Also a replacement for msfpayload and msfencode.
Usage:/usr/bin/msfvenom [options]<var=val>
Example:/usr/bin/msfvenom -p windows/meterpreter/reverse_tcp LHOST=<IP>-f exe -o payload.exe