Metasploit - nataneliezer/tech-journal GitHub Wiki

Metasploit Usage:

Metasploit is a framework used by threat actors and penetration testers to streamline the exploitation step of a penetration test. A user can use a variety of different exploits.

For most exploits there are several settings that need to be set:

To select an exploit use the command: use (path to exploit)

To determine the options that need tp be configured use the command: show options

LHOST: the ip address of the attacker or the C2 server that will be connected back to.
LPORT: the port that will be listening for the connection from the target.
RPORT: target port. depending on the exploit this may already be set. RHOST: target IP address.
USERNAME: the target username.
PASSWORD: the password to the specified username. This may not always be necessary.

once all of the configuration options have been set you can use the command "exploit" or "run".