2019-03-01 00:54:01 +08:00
|
|
|
msfconsole
|
|
|
|
==========
|
|
|
|
|
|
|
|
`msfconsole` is the primary interface to Metasploit Framework. There is quite a
|
|
|
|
lot that needs go here, please be patient and keep an eye on this space!
|
|
|
|
|
|
|
|
Building ranges and lists
|
|
|
|
-------------------------
|
|
|
|
|
|
|
|
Many commands and options that take a list of things can use ranges to avoid
|
|
|
|
having to manually list each desired thing. All ranges are inclusive.
|
|
|
|
|
|
|
|
### Ranges of IDs
|
|
|
|
|
|
|
|
Commands that take a list of IDs can use ranges to help. Individual IDs must be
|
|
|
|
separated by a `,` (no space allowed) and ranges can be expressed with either
|
|
|
|
`-` or `..`.
|
|
|
|
|
|
|
|
### Ranges of IPs
|
|
|
|
|
|
|
|
There are several ways to specify ranges of IP addresses that can be mixed
|
|
|
|
together. The first way is a list of IPs separated by just a ` ` (ASCII space),
|
|
|
|
with an optional `,`. The next way is two complete IP addresses in the form of
|
|
|
|
`BEGINNING_ADDRESS-END_ADDRESS` like `127.0.1.44-127.0.2.33`. CIDR
|
|
|
|
specifications may also be used, however the whole address must be given to
|
|
|
|
Metasploit like `127.0.0.0/8` and not `127/8`, contrary to the RFC.
|
|
|
|
Additionally, a netmask can be used in conjunction with a domain name to
|
2019-03-02 00:43:36 +08:00
|
|
|
dynamically resolve which block to target. All these methods work for both IPv4
|
2019-03-01 00:54:01 +08:00
|
|
|
and IPv6 addresses. IPv4 addresses can also be specified with special octet
|
|
|
|
ranges from the [NMAP target
|
|
|
|
specification](https://nmap.org/book/man-target-specification.html)
|
|
|
|
|
|
|
|
### Examples
|
|
|
|
|
|
|
|
Terminate the first sessions:
|
|
|
|
|
|
|
|
sessions -k 1
|
|
|
|
|
|
|
|
Stop some extra running jobs:
|
|
|
|
|
|
|
|
jobs -k 2-6,7,8,11..15
|
|
|
|
|
|
|
|
Check a set of IP addresses:
|
|
|
|
|
|
|
|
check 127.168.0.0/16, 127.0.0-2.1-4,15 127.0.0.255
|
|
|
|
|
|
|
|
Target a set of IPv6 hosts:
|
|
|
|
|
|
|
|
set RHOSTS fe80::3990:0000/110, ::1-::f0f0
|
|
|
|
|
|
|
|
Target a block from a resolved domain name:
|
|
|
|
|
|
|
|
set RHOSTS www.example.test/24
|