Run Loaded Module

Executes the currently loaded module in Metasploit.

Terminal

<run|exploit>

<run|exploit>

#!/bin/bash

# Run Loaded Module
{{run|exploit}}

import subprocess

# Run Loaded Module
# Make sure to replace <placeholders> with actual values
def run_command():
    cmd = [
        "run-exploit",
        
    ]
    
    try:
        print(f"Executing: {' '.join(cmd)}")
        subprocess.run(cmd, check=True)
    except subprocess.CalledProcessError as e:
        print(f"Error: {e}")
    except FileNotFoundError:
        print("Error: run-exploit not found. Please install it first.")

if __name__ == "__main__":
    run_command()

When To Use

When ready to launch an attack or exploit against a target.

Pro Tip

Use 'set verbose true' before running to get detailed logging of the process.

Anatomy of Output

Understanding the result

[*] Executing 'exploit' against target: example.com Execution Confirmation

Shows the target the module is directed at.

[+] Vulnerability found: Port 80 open. Vulnerability Detection

Indicates the targeted module discovered an exploitable condition.

[*] Exploit successful. Payload delivered. Exploit Result

Confirms that the exploit executed as intended.

Power User Variants

Optimized versions

run-exploit -j

Executes the exploit as a background job.

run-exploit -f

Forces the execution of the exploit even with errors.

Troubleshooting

Common pitfalls

[-] Exploit failed: No targets were specified.

Solution: Set the target host correctly using 'set RHOSTS' before attempting to run.

[ERROR] Permission denied; unable to execute payload.

Solution: Ensure the executing user has appropriate permissions for payload execution.

[-] Invalid target specified.

Solution: Confirm the target is reachable and valid for the chosen exploit.

Command Breakdown

What each part is doing

<run|exploit>: Base Command; The executable that performs this operation. Here it runs Run Exploit before the shell applies any redirect operators.
<run|exploit>: run|exploit; The value supplied for run|exploit.

Alternative Approaches

Comparable commands in other tools

Alternative security tools for the same job.

Nettacker / Run Ping Test And Multiple Scans On Target nettacker --ping-before-scan -m <port_scan,subdomain_scan,waf_scan,...> -g <80,443> -i <owasp.org> Gpg / Display Help In Gpg Tui <?> Freshclam / Update Virus Definitions Clamav freshclam Secret Tool / Retrieve Password secret-tool lookup key <key> John / Show Passwords Cracked john --show <path/to/hashes.txt>