Modules

A module is a piece of software that the Metasploit Framework uses to perform a task, such as exploiting or scanning a target. A module can be an exploit module, auxiliary module, or post-exploitation module.

Module Search

Before you can configure and run an exploit, you need to search for the module. The console includes the ability to search for modules using search operators.

You use search operators to create a query based on a specific module name, path, platform, author, CVE ID, BID, OSDVB ID, module type, or application. The search returns a list of results that match the query.

The following are search operators that are available:

  • name
  • path
  • platform
  • type
  • app
  • author
  • cve
  • bid
  • osdvb

Search Syntax

To search for a module, use the following syntax:

1
$ search <search operator>:<search term>

Searching for a Module

Use the search command along with the search operator to search for a module

1
msf-pro > search platform:Windows
2
msf-pro > search type:exploit
3
msf-pro > search author:hd
4
msf-pro > search app:client
5
msf-pro > search name:ms08-067

Showing All Exploit Modules

Use the show command to view a list of the exploits that are available.

1
msf-pro > show exploits

This can take a few minutes. There are thousands of modules.