msfconsole

Launch the console

$ msfconsole

$ msfconsole [[-q|--quiet]]

$ msfconsole [[-n|--no-database]]

$ msfconsole [[-x|--execute-command]] "[use auxiliary/server/capture/ftp; set SRVHOST 0.0.0.0; set SRVPORT 21; run]"

$ msfconsole [[-h|--help]]

$ msfconsole [[-v|--version]]

msfconsole [options]

-h, --help
    Displays the help menu and exits.

-q, --quiet
    Suppresses the Metasploit banner during startup, providing a cleaner console. Useful for scripting.

-r, --resource <file>
    Executes commands from the specified resource (RC) file immediately after the console starts. Ideal for automating common setup or attack sequences.

-x, --execute <commands>
    Executes a comma-separated list of Metasploit commands directly upon startup. Similar to -r but for inline commands.

-n, --no-database
    Starts the console without attempting to connect to the Metasploit database. Useful for quick sessions not requiring data storage.

-o, --output <file>
    Logs all console output, including command inputs and results, to the specified file.

-v, --version
    Displays the Metasploit Framework version information and exits.

msfconsole is the primary interactive command-line interface for the Metasploit Framework, a powerful open-source platform used by cybersecurity professionals for penetration testing and vulnerability assessment. It provides an environment to load and interact with various modules, including exploits, payloads, encoders, and auxiliary modules, to discover vulnerabilities, develop custom exploits, and simulate real-world attacks. Users can manage sessions, interact with compromised systems, and integrate with a backend database to store scan results, discovered hosts, and captured credentials.

The console supports scripting for automation and offers a rich set of commands for searching, configuring, and launching modules. Its extensive module library, coupled with its flexibility and extensibility, makes msfconsole an indispensable tool for red team operations, ethical hacking, and security research.

Using msfconsole requires significant system resources, especially RAM, for optimal performance. Misuse of the Metasploit Framework and its capabilities can lead to illegal activities; it should only be used in authorized and controlled environments. Regular updates of the framework are crucial to ensure access to the latest exploits, payloads, and security patches, as well as to maintain compatibility with new vulnerabilities. Issues with database connectivity can limit functionality, such as storing scan results and managing session data.

msfconsole organizes its functionalities into various module types:
Exploits: Code that targets a specific vulnerability on a system to gain unauthorized access.
Payloads: Small pieces of code executed on a compromised system after an exploit is successful, often used to establish a shell or meterpreter session.
Auxiliary: Modules that perform various scanning, sniffing, and administrative tasks without exploiting a vulnerability.
Post: Modules that run on a compromised system (post-exploitation) to gather more information, pivot, or maintain persistence.
Encoders: Used to obfuscate payloads to evade antivirus detection.
Nops: No operation sleds used to ensure reliable payload delivery.

msfconsole can integrate with a backend database (e.g., PostgreSQL) to store information gathered during penetration tests. This includes discovered hosts, services, vulnerabilities, captured credentials, and active sessions. Database integration is critical for managing large engagements, tracking progress, and generating reports, allowing for a more organized and efficient workflow.

Resource scripts (RC files) are simple text files containing a sequence of msfconsole commands. They are used to automate repetitive tasks, set up environments, or execute predefined attack chains. By running msfconsole -r <file.rc>, users can quickly deploy complex operations without manual command entry, significantly improving efficiency during assessments.

The Metasploit Framework was originally created by H.D. Moore in 2003 as a portable network penetration testing tool. It started as a Perl-based framework and later transitioned to Ruby. The core interactive interface, msfconsole, has been a consistent and central component throughout its evolution, providing a robust environment for exploit development and execution. In 2009, Rapid7 acquired the Metasploit project, significantly accelerating its development and professionalizing its support while maintaining its open-source core. This history underscores its growth from a niche tool to a widely recognized and indispensable platform in the cybersecurity community.

msfvenom(1), nmap(1), searchsploit(1), armitage(1)