Not a member yet? Why not Sign up today
Create an account  

Metasploit remote console: Remotely access Metasploit with msf-remote-console

[Image: ySJZXiP.jpg]

Metasploit remote console msfconsole written in Python 2.7 to connect to the msfrcpd server of metasploit. This tool gives you the ability to load modules permanently as daemon on your server like autopwn2. Although it gives you the ability to remotely use the msfrpcd server it is recommended to use it locally with a ssh or mosh shell because certificate validation is not enabled.

  •     Optimized delivery & execution of commands.
  •     Has all msf commands implemented even future ones. This is possible through the structure of the rpc api.
  •     Browse through your command history with the up and down arrow key.
  •     Tab completion for system paths.
  •     It feels like the normal msfconsole!

How does it look like ?

Quote:Connecting to server:
 Host =>,
 Port => 55553,
 User => msf,
 Pwd => ***,
 SSL => True

[+] Successfully connected
 Console id: 19
     ,           ,
    /             \
      (_) O O (_)_________
         \ _ /            |\
          o_o \   M S F   | \
               \   _____  |  *
                |||   WW|||
                |||     |||

       =[ metasploit v4.12.22-dev-52b81f3                 ]
+ -- --=[ 1577 exploits - 906 auxiliary - 272 post        ]
+ -- --=[ 455 payloads - 39 encoders - 8 nops             ]
+ -- --=[ Free Metasploit Pro trial: hxxp:// ]

msf >

How do I use it ?

Quote:Usage: [options]

  -h, --help                show this help message and exit
  -r RESOURCE,         --resource=RESOURCE
                                Path to resource file
  -u USERNAME,       --user=USERNAME
                                Username specified on msfrpcd
  -p PASSWORD,      --pass=PASSWORD
                                  Password specified on msfrpcd
  -s, --ssl                    Enable ssl
  -P PORT,                 --port=PORT  Port to connect to
  -H HOST,                 --host=HOST  Server ip
  -c, --credentials        Use hardcoded credentials
  -e, --exit                  Exit after executing resource script

With the -c option you can use the credentials hard coded into feel free to change them so that you don’t have to use the credential parameters all the time.
With the -r option you specify a resource script to load from your computer into the console.


This will load a resource script and use the hardcoded credentials:

Quote:python -c -r /root/resource/handler/allHandlers.rc

This will log in to the msfrpcd server through command line arguments:

Quote:python --ssl --port 55553 --host --user msf --pass msf


Forum Jump:

Users browsing this thread: