Papadope Course
EN | ΕΛ

Metasploit Introduction - TryHackMe Walkthrough

Metasploit Introduction - TryHackMe Walkthrough

A practical walkthrough of the TryHackMe Metasploit Intro room, covering framework structure, module workflow, payload selection, and core msfconsole commands used in real engagements.

Room URL: https://tryhackme.com/room/metasploitintro

Difficulty: Easy

Tools & Concepts Covered

  • Metasploit Framework (msfconsole)
  • Module types (auxiliary, exploit, payload, post, encoder, nops, evasion)
  • Search and module selection
  • Context-aware options (show options)
  • Core parameters (RHOSTS, RPORT, LHOST, LPORT, PAYLOAD, SESSION)
  • Payload types (single vs staged)

Step-by-Step Walkthrough

1. Launch Metasploit

From AttackBox/Kali terminal:

msfconsole

This opens the msf6 > prompt.

2. Understand Core Terms

  • Vulnerability: weakness in software or design.
  • Exploit: code leveraging that weakness.
  • Payload: code executed after exploitation to achieve your objective.

3. Understand Module Categories

Metasploit organizes functionality into module families:

  • auxiliary (scanners, fuzzers, brute-force helpers)
  • exploit (vulnerability exploitation modules)
  • payloads (code run on target)
  • post (post-exploitation actions)
  • encoders, nops, evasion (specialized support)

Tip: staged vs single payload naming:

  • shell_reverse_tcp (single/inline payload style)
  • shell/reverse_tcp (staged payload style)

4. Basic Console Workflow

Useful commands:

help
history
search 
use 
show options
show payloads
info
back

Example search:

search ms17-010

You can use either module path or index from search results:

use exploit/windows/smb/ms17_010_eternalblue
# or
use 2

5. Set Required Parameters

Inside module context, configure required values:

set RHOSTS 
set RPORT 
set LHOST 
set LPORT 
set PAYLOAD

Re-check everything:

show options

Commonly used parameters:

  • RHOSTS: target IP/range/file list
  • RPORT: target service port
  • LHOST: attacker callback IP
  • LPORT: attacker callback port
  • PAYLOAD: payload choice
  • SESSION: used in post modules

Unset when needed:

unset 
unset all

6. Run and Handle Sessions

Execute module:

run
# or
exploit

If successful, Metasploit opens a session (e.g., Meterpreter or shell).

Check/list sessions:

sessions
sessions -i

For Meterpreter help:

help

7. Context Matters in Metasploit

Metasploit is context-based:

  • Values set in one module usually do not carry to others unless global.
  • Always confirm the prompt and show options after switching modules.

Prompt examples:

  • msf6 > (no module selected)
  • msf6 exploit(...) > (inside exploit module)
  • meterpreter > (interactive meterpreter session)

Practical Mini Flow (Reference) 

msfconsole
search 
use 
show options
set RHOSTS 
set LHOST 
show payloads
set PAYLOAD 
run
sessions -i

Notes

  • Use only in legal labs/authorized environments.
  • This room builds foundation for advanced Metasploit rooms (metasploit, rpmetasploit).
  • Reliability (rank) helps prioritize exploit choices but is not a guarantee.
Previous LazyAdmin - TryHackMe Walkthrough Next OhSINT - TryHackMe Walkthrough