Starting Metasploit

OK, let's fire up Metasploit. First, because Metasploit uses a client/server model, we need to turn on the Metasploit services. In Kali 1.x, you had to start the Metasploit server in the Menu Bar. Go to Applications | Kali Linux | System Services | Metasploit | community/pro start:

A terminal window will open and the services will start up. A marked improvement in Kali 2 means that all you have to do is click the Metasploit link on the left side-bar or in the main Applications menu.

Metasploit uses the PostgreSQL v9.1 database server. It can take several minutes for the services to start.

Once the services have started, type msfconsole to start the Metasploit console. When we type workspace, we can see the workspaces. We will set up a new workspace shortly.

Tip

Hacker Tip

The first time you start the Metasploit console, it will create the database, so you will get to watch 90 seconds of SQL language go by.

When the console is ready, it will show you a little talking cow (# cowsay++) introducing you to Metasploit:

To get a list of the console commands, type help at any time.

msf > help

Core Commands
Command	Description	Command	Description
?	Help menu	previous	Sets the previously loaded module as the current module
back	Moves back from the current context	pushm	Pushes the active list of modules onto the module stack
banner	Displays an awesome Metasploit banner	quit	Exits the console
cd	Changes the current working directory	reload_all	Reloads all modules from all defined module paths
color	Toggles color	rename_job	Renames a job
connect	Communicates with a host	resource	Runs the commands stored in a file
edit	Edits the current module with $VISUAL or $EDITOR	route	Routes traffic through a session
exit	Exits the console	save	Saves the active datastores
get	Gets the value of a context-specific variable	search	Searches module names and descriptions
getg	Gets the value of a global variable	sessions	Dumps session listings and displays information about sessions
go_pro	Launches Metasploit web GUI	set	Sets a context-specific variable to a value
grep	Greps the output of another command	setg	Sets a global variable to a value
help	Launches the help menu	show	Displays modules of a given type, or all modules
info	Displays information about one or more module	sleep	Does nothing for the specified number of seconds
irb	Drops into irb scripting mode	spool	Writes console output into a file as well the screen
jobs	Displays and manages jobs	threads	Views and manipulates background threads
kill	Kills a job	unload	Unloads a framework plugin
load	Loads a framework plugin	unset	Unsets one or more context-specific variables
loadpath	Searches for and loads modules from a path	unsetg	Unsets one or more global variables
makerc	Saves commands entered since start to a file	use	Selects a module by name
popm	Pops the latest module off the stack and makes it active	version	Shows the framework and console library version numbers

Database Back-end Commands
Command	Description	Command	Description
creds	Lists all credentials in the database	db_status	Shows the current database status
db_connect	Connects to an existing database	hosts	Lists all hosts in the database
db_disconnect	Disconnects from the current database instance	loot	Lists all loot in the database
db_export	Exports a file containing the contents of the database	notes	Lists all notes in the database
db_import	Imports a scan result file (file type will be auto-detected)	services	Lists all services in the database
db_nmap	Executes nmap and records the output automatically	vulns	Lists all vulnerabilities in the database
db_rebuild_cache	Rebuilds the database-stored module cache	workspace	Switches between database workspaces

To get help on individual commands, type help <command>; the screenshot below shows two examples showing the use and hosts command help. We have a listing showing its usage and explanation of any flags that work with the command.