Metasploit Cheat Sheet

If you use keep losing Metasploit commands, then this Metasploit cheat sheet might help you forward.

This cheat sheet contains database commands, Metasploit core commands and Meterpreter commands which you can use on Metasploit.

Database Commands
db_connectconnect database
db_disconnectdisconnect database
db_exportexport database
db_importimport scan result
db_statusstatus of database
hostsdisplay hosts
lootdisplay loot
notesdisplay notes
servicesdisplay services
vulnsdisplay vulnerabilities
workspaceswitch between workspace
db_nmapnmap scan into database
Core Commands
?display help
helpdisplay help (alternative)
backgo back
cdchange directory
colortoggle color
connectcommunicate with a host
exitexit metasploit
infodisplay info of module
irbgo into irb
jobsdisplay and manage jobs
killstop a job
loadload a plugin
loadpathload a plugin from path
makercprint commands entered to a path
previousset previous module as current module
popmpops the latest module off of the module stack and makes it active
pushmpushes the active or list of modules onto the module stack
quitquit the console
resourcerun commands stored in a file
routeroute traffic through a connection
savesave datastores
searchsearch for modules
sessionsdump session listings and display information about sessions
setset variable of a module
setgset a global variable
showdisplay modules of a type, or all modules
sleepdo nothing for x seconds
spoolwrite all output to a files
threadsmanipulate threads
unloadunload a plugin
unsetunset a variable
unsetgunset a global variable
useuse a module (by name)
versionshow metasploit info
Meterpreter Core and File System
backgroundbackground the current session
bgkillkill a background meterpreter script
channeldisplays info about active channels
closeclose a channel
disable_unicode_encodingdisplays info about active channels
enable_unicode_encodingenable encoding of unicode strings
exitexit meterpreter shell
helpdisplay help
infodisplay info about active post module
interactinteract with a channel
irbdrop into irb scripting mode
loadload one or more meterpreter extensions
migratemigrate the server to another process
quitterminate the meterpreter sessions
readreads data from a channel
resourcerun the commands stored in a file
runexecutes a meterpreter script or post module
writewrite data to a channel
catread the contents of a file to the screen
cdchange directory
downloaddownload file to your computer
editedit a file
getlwdprint local working directory
getwdprint working directory
lcdchange local working directory
lpwdprint local working directory
lslist files
mkdirmake directory
pwdprint working directory
rmdelete the specified file
rmdirremove directory
searchsearch for files
uploadupload file to target
Meterpreter User Interface Commands
enumdesktopslist all accessible desktops and window stations
getdesktopget the current meterpreter desktop
idletimedisplay the amount of time the user has been idle
keyscan_startstart capturing keystrokes
keyscan_stopstop capturing keystrokes
keyscan_dumpdump the keystroke buffer
screenshotscreenshot of the gui
setdesktopchange the meterpreters current desktop
uictlcontrol some of the user interface components
Meterpreter System Commands
clearevclear the event log
drop_tokenrelinquishes any active impersonation token
executeexecute a command
getpidget the current process identifier
getprivsattempt to enable all privileges available to the current process
getuidget the user that the server is running as
killterminate a process
pslist running processes
rebootreboots the remote computer
reginteract with the remote registry
rev2selfcalls reverttoself() on the remote machine
shelldrop into a system command shell
shutdownshuts down the remote computer
steal_tokenattempt to steal an impersonation token from the process
sysinfogets information about the remote system
Meterpreter Priv Commands
webcam_listlist webcams
webcam_snaptake a snapshot from the specified webcam
getsystemattempt to elevate your privilege to that of local system
hashdumpdumps the contents of the sam database
timestompmanipulate mace attributes
Share this information