Real-time collaboration for Jupyter Notebooks, Linux Terminals, LaTeX, VS Code, R IDE, and more,
all in one place.

1
# -*- coding: binary -*-
2
# frozen_string_literal: true
3

4
module Msf
5
  module Ui
6
    ###
7
    #
8
    # Module that contains some most excellent tips.
9
    #
10
    ###
11
    module Tip
12
      def self.highlight(string)
13
        "%grn#{string}%clr"
14
      end
15

16
      COMMON_TIPS = [
17
        "View all productivity tips with the #{highlight('tips')} command",
18
        "Enable verbose logging with #{highlight('set VERBOSE true')}",
19
        "When in a module, use #{highlight('back')} to go back to the top level prompt",
20
        "Tired of setting RHOSTS for modules? Try globally setting it with #{highlight('setg RHOSTS x.x.x.x')}",
21
        "Enable HTTP request and response logging with #{highlight('set HttpTrace true')}",
22
        "You can upgrade a shell to a Meterpreter session on many platforms using #{highlight('sessions -u <session_id>')}",
23
        "Open an interactive Ruby terminal with #{highlight('irb')}",
24
        "Use the #{highlight('resource')} command to run commands from a file",
25
        "To save all commands executed since start up to a file, use the #{highlight('makerc')} command",
26
        "View advanced module options with #{highlight('advanced')}",
27
        "You can use #{highlight('help')} to view all available commands",
28
        "Use #{highlight('help <command>')} to learn more about any command",
29
        "View a module's description using #{highlight('info')}, or the enhanced version in your browser with #{highlight('info -d')}",
30
        "After running #{highlight('db_nmap')}, be sure to check out the result of #{highlight('hosts')} and #{highlight('services')}",
31
        "Save the current environment with the #{highlight('save')} command, future console restarts will use this environment again",
32
        "Search can apply complex filters such as #{highlight('search cve:2009 type:exploit')}, see all the filters with #{highlight('help search')}",
33
        "Metasploit can be configured at startup, see #{highlight('msfconsole --help')} to learn more",
34
        "Display the Framework log using the #{highlight('log')} command, learn more with #{highlight('help log')}",
35
        "Network adapter names can be used for IP options #{highlight('set LHOST eth0')}",
36
        "Use #{highlight('sessions -1')} to interact with the last opened session",
37
        "View missing module options with #{highlight('show missing')}",
38
        "Start commands with a space to avoid saving them to history",
39
        "You can pivot connections over sessions started with the ssh_login modules",
40
        "Use the #{highlight('analyze')} command to suggest runnable modules for hosts",
41
        "Set the current module's RHOSTS with database values using #{highlight('hosts -R')} or #{highlight('services -R')}",
42
        "Use the 'capture' plugin to start multiple authentication-capturing and poisoning services",
43
        "The #{highlight('use')} command supports fuzzy searching to try and select the intended module, e.g. #{highlight('use kerberos/get_ticket')} or #{highlight('use kerberos forge silver ticket')}"
44
      ].freeze
45
      private_constant :COMMON_TIPS
46

47
      DEVELOPER_TIPS = [
48
        "Writing a custom module? After editing your module, why not try the #{highlight('reload')} command",
49
        "Use the #{highlight('edit')} command to open the currently active module in your editor",
50
      ].freeze
51
      private_constant :DEVELOPER_TIPS
52

53
      ALL_TIPS = COMMON_TIPS + DEVELOPER_TIPS
54
      private_constant :ALL_TIPS
55

56
      def self.all
57
        ALL_TIPS
58
      end
59

60
      def self.sample
61
        ALL_TIPS.sample
62
      end
63
    end
64
  end
65
end
66

67