Introduction to Metasploit
Metasploit has two main versions:
Metasploit Pro: The commercial version that facilitates the automation and management of tasks. This version has a graphical user interface (GUI).
Metasploit Framework: The open-source version that works from the command line. This room will focus on this version, which is installed on the AttackBox and on the most commonly used penetration testing Linux distributions.
The main components of the Metasploit Framework can be summarized as follows:
msfconsole: The main command-line interface.
Modules: Supporting modules such as exploits, scanners, payloads, etc.
Tools: Stand-alone tools that help with vulnerability research, vulnerability assessment, or penetration testing. Some of these tools are msfvenom, pattern_create and pattern_offset. We will cover msfvenom within this module, but pattern_create and pattern_offset are tools useful in exploit development, which is beyond the scope of this module.
Main Components of Metasploit
Q : What is the name of the code taking advantage of a flaw on the target system?
~ Exploit
Q : What is the name of the code that runs on the target system to achieve the attacker's goal?
~ Payload
Q : What are self-contained payloads called?
~ Singles
Q : Is "windows/x64/pingback_reverse_tcp" among singles or staged payloads?
~ Singles
Msfconsole
Q : How would you search for a module related to Apache?
~ search apache
Q : Who provided the auxiliary/scanner/ssh/ssh_login module?
~ todb
Working with modules
Q : How would you set the LPORT value to 6666?
~ set LPORT 6666
Q : How would you set the global value for RHOSTS to 10.10.19.23?
~ setg RHOSTS 10.10.19.23
Q : What command would you use to clear a set payload?
~ unset PAYLOAD
Q : What command do you use to proceed with the exploitation phase?
~ exploit