Metasploit msfd Remote Code Execution | Lucideus

The msfd service exposes a msfconsole-like interface, driven by the Ruby interpreter, over a TCP socket. If the socket is accessible on a remote interface, an attacker can obtain a shell and execute commands on the victim's machine. At this time, all versions of Metasploit are affected by the vulnerability.

About msfd
Msfd is a tool that opens a network interface to a msfconsole. It can be executed by giving the IP address and the port (by default it runs on 55554) on which it should listen for incoming connections. This allows a single user or multiple users to connect from a remote system to the framework.
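To check whether a host is exposed in the way described above, the sketch below flags any listener on the msfd default port that is bound to something other than loopback. It is an added example, not part of the original post or of Metasploit; the `ss -H -ltn` column layout is assumed and the sample lines are constructed.

```python
import ipaddress

MSFD_DEFAULT_PORT = 55554  # default msfd port, as stated on this page

# Constructed sample of `ss -H -ltn` output (not captured from a real host).
SAMPLE_SS_OUTPUT = """\
LISTEN 0 128 127.0.0.1:55554 0.0.0.0:*
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 192.0.2.10:55554 0.0.0.0:*
LISTEN 0 128 [::1]:55554 [::]:*
LISTEN 0 128 *:55554 *:*
LISTEN 0 128 127.0.0.53%lo:53 0.0.0.0:*
"""


def split_local(field):
    """Split an ss 'Local Address:Port' field into (address, port)."""
    addr, _, port = field.rpartition(":")
    addr = addr.strip("[]").split("%", 1)[0]  # drop IPv6 brackets and %iface scope
    return addr, int(port)


def is_loopback_only(addr):
    """True only when the bind address is a loopback address."""
    if addr == "*":  # ss wildcard: listening on every interface
        return False
    try:
        return ipaddress.ip_address(addr).is_loopback
    except ValueError:
        return False  # unparseable address: treat as exposed (fail closed)


def exposed_listeners(ss_output, port=MSFD_DEFAULT_PORT):
    """Return bind addresses listening on `port` that are reachable off-host."""
    exposed = []
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 4 or fields[0] != "LISTEN":
            continue
        addr, lport = split_local(fields[3])
        if lport == port and not is_loopback_only(addr):
            exposed.append(addr)
    return exposed


if __name__ == "__main__":
    for addr in exposed_listeners(SAMPLE_SS_OUTPUT):
        print(f"port {MSFD_DEFAULT_PORT} is bound to non-loopback address {addr}")
```

On a live host, pass the real output of `ss -H -ltn` to `exposed_listeners()`; an empty result means nothing on that port is reachable from another machine.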

Lab Environment
Framework: Metasploit Framework (MSF)
Victim's operating system: Kali Linux 4.6.0-kali-amd64 (2016.2)
Attacker's operating system: Kali Linux 4.15.0-kali-amd64 (2018.2)

Step 1: The msfd service is running on the victim's machine.

Step 2: The attacker opens msfconsole.

Step 3: The attacker searches for msfd, gets two results, and runs use exploit/multi/misc/msfd_rce_remote.

Step 4: The attacker checks the exploit's requirements by typing "options". The exploit needs only RHOST (the victim's IP), so the attacker sets it.

Step 5: The attacker types "exploit" to gain access to the victim's machine and gets a raw shell on it.

Step 6: With the raw shell, the attacker can do anything they want on the victim's machine.


  1. What is the vulnerability here.
    What is the entry point from the attacker's view ?
    What are the Exploitation vector ...

