Metasploit

Using the Metasploit Web Interface

The web interface contains the workspace that you use to set up projects and perform pentesting tasks. It is a browser-based interface that provides navigational menus that you can use to access the various task configuration pages. You can do things like run a discovery scan, launch an exploit against a target, generate a report, configure system preferences, and perform administrative tasks. Each task has its own configuration page that displays all the options and settings that you can define for a task. The user interface displays the fields you need to input data, check box options that you can enable or disable depending on your test requirements, and dropdown menus that provide you with available options for a particular task.

When you first open a new project, the Overview page appears. It displays the statistical information for the project, such as the number of hosts and services discovered and the number of sessions and credentials obtained. The project will not display any statistics or the Dashboard until you scan a target or import host data.

After you scan or import data into the project, the Overview page will display the Dashboard, which provides a high-level, graphical breakdown of the data stored in the project.

Additionally, from the Overview page, you can view the Recent Events log to see the latest activity for the project. This is useful if you are part of a team and want to see the things that other members have done within the project. Ultimately, the Dashboard helps you quickly assess the data that has been collected for the project at a certain point in time.

To hide the Dashboard, click on the Dashboard's dropdown header.

Supported Browsers

The user interface runs on the following browsers:

  • Google Chrome 10+
  • Mozilla Firefox 18+
  • Internet Explorer 10+
  • Iceweasel 18+

The web user interface may run on other browsers, but Metasploit Pro does not officially support those browsers.

Navigational Menus and Features

You can use the following menus and features to navigate between the different areas of Metasploit Pro:

  • Main menu - Access project settings, edit account information, perform administrative tasks, and view software update alerts.
  • Notification Center - Alerts you when a task completes or when a software update is available. You can click on the alert to display a dropdown banner of the latest alerts for all projects.
  • Project menu - Access the Project menu when you need to create, edit, open, and view projects.
  • Account menu - Access the Account menu when you need to manage your account settings. You can change your password, set the time zone, and edit the contact information for the account.
  • Administration menu - Access the Administration menu when you need to apply system updates, update license keys, edit user accounts, and configure global settings.
  • Project tab bar - Click on the tabs in the task bar to navigate between task pages.
  • Navigational breadcrumbs - Use the navigational breadcrumbs to identify your current location in a project.
  • Tasks bar - Access the configuration page for the selected task.

Accessing the Metasploit Web UI

To access the Metasploit Web UI, open a browser and go to https://localhost:3790 if Metasploit Pro runs on your local machine. If Metasploit Pro runs on a remote machine, replace localhost with the address of the remote machine.

Metasploit Pro Users Run as Root

If you log in to the Metasploit Pro Web UI, you can effectively run any command on the host machine as root. Please make sure that all users of Metasploit Pro are trusted.

Using the Metasploit Web Interface


Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.