
Lec23 Metasploit

Metasploit is an open-source framework for developing and executing exploit code against remote targets, primarily written in Ruby. It includes various modules such as exploits, payloads, and auxiliary tools, and can be accessed through multiple interfaces, with MSFConsole being the main one. Users can execute commands to connect to targets, manage sessions, and configure exploit parameters for penetration testing.

Uploaded by

ch.sania9999

Metasploit

• Metasploit is an open source computer security project.

• Metasploit is not a single tool; it is a framework used for developing and
executing exploit code against a remote target.

• Metasploit is written in Ruby


Metasploit architecture
• Architecture
Metasploit Filesystem
In Kali Linux, Metasploit is provided in the metasploit-framework package and is
installed in the /usr/share/metasploit-framework directory, the top-level.
Metasploit Modules

• Payload: piece of code that runs in the target system.
• Exploit: piece of software, chunk of data, or sequence of code that takes
advantage of a bug or vulnerability.
• Auxiliary modules: used for scanning and doing various tasks.
• Encoder: encodes our payloads to avoid antivirus detection.
• Post Module: run on compromised targets to gather useful data and pivot the
attacker deeper into the target network.
• NOP: used to facilitate buffer overflows during attacks.
Metasploit Interfaces
• In learning how to use Metasploit, you will find there are many different interfaces
to use with this hacking tool, each with their own strengths and weaknesses.

• As such, there is no one perfect interface to use with the Metasploit console,
although the MSFConsole is the only supported way to access most Metasploit
commands.

• Metasploit has different interfaces to ease our tasks.

• We can do a variety of tasks with these interfaces.


1. MSFConsole:
• This is the main interface.
• Open a terminal and type msfconsole.
• Eases our task compared to other interfaces and has more power

2. MSFCLI:
• Powerful command line interface to the framework
• Open a terminal and type msfcli
• Easily add Metasploit exploits into any scripts

MSFCLI HELP
Command Line Interface Commands
• Running the msfcli help command:
MSFcli Interface

MSFcli Benefits
• Supports the launching of exploits and auxiliary modules
• Good for learning
• Excellent if you know exactly which exploit and options you need
• Wonderful for use in scripts and basic automation

Drawback
• Not supported quite as well as msfconsole

MSF Benefits
• Provides a console-based interface to the framework
• Execution of external commands in msfconsole is possible
• Full readline support, tabbing, and command completion
• “all-in-one” centralized console allows efficient access to virtually all of the
options available

LAUNCHING MSFCONSOLE
• The MSFconsole is launched by simply running msfconsole from the command
line.
• MSFconsole is located in
the /usr/share/metasploit-framework/msfconsole directory.
• The -q option removes the launch banner by starting msfconsole in quiet mode.
• Quiet Mode

How to Use the Command Prompt
Common Options
• msfconsole -h

Database Options
Framework Options

Module Options

Console Options

MSFConsole Commands: CONNECT
• There is a miniature Netcat clone built into the msfconsole that supports
• SSL,
• proxies,
• pivoting, and
• file transfers.
• To connect to a remote host, use the connect command with an IP address and port
number, the same as you would with Netcat or Telnet.

MSFConsole Commands: GREP
• The grep command is similar to Linux grep.
• It matches a given pattern from the output of another msfconsole command.
• The following is an example of using grep to match output containing the string
“http” from a search for modules containing the string “oracle”.

MSFConsole Commands: CHECK
• There aren’t many exploits that support it, but there is also a check option that will
check to see if a target is vulnerable to a particular exploit instead of actually
exploiting it.

MSFConsole Commands: SESSIONS
• The sessions command allows you to list, interact with, and kill spawned sessions.
The sessions can be shells, Meterpreter sessions, VNC, etc.
• To list any active sessions, pass the -l option to sessions.
• To interact with a given session, you just need to use the -i switch followed by the
ID number of the session.

MSFConsole Commands: TARGETS
• If you aren’t certain whether an operating system is vulnerable to a particular
exploit, run the show targets command from an exploit module.

MSFConsole Commands: SHOW EXPLOITS
• Naturally, show exploits will be the command you are most interested in running
since at its core, Metasploit is all about exploitation.

MSFConsole Commands: use
• During exploit development, you will most certainly need to generate shellcode to
use in your exploit.

MSFConsole Commands: USE
• Selecting an exploit in Metasploit adds the exploit and check commands to
msfconsole.

MSFConsole Commands: SHOW PAYLOADS
• Running show payloads will display all of the different payloads for all platforms
available within Metasploit.
• When an exploit module is selected, running show payloads will only display the
payloads that are compatible with that particular exploit.

MSFConsole Commands: OPTIONS
• If you have selected a specific module, you can issue the show options command
to display which settings are available and/or required for that specific module.

MSFConsole Commands: SET
Metasploit prompts the tester to select the payload (a reverse shell from the
compromised system back to the attacker) and sets the other variables:

• Remote host (RHOST): This is the IP address of the system being attacked
• Remote port (RPORT): This is the port number that is used for the exploit
• Local host (LHOST): This is the IP address of the system used to launch the
attack
• Local port (LPORT): This is the port number that is used to launch the attack

The attack is launched by entering the exploit command at the prompt after all
variables have been set.

MSFConsole Commands: SET
• Metasploit also allows you to set an encoder to use at run-time.
• This is particularly useful in exploit development when you aren’t quite
certain as to which payload encoding methods will work with a given
exploit.

MSFConsole Commands: SET
• The set command allows you to configure Framework options and parameters for
the current module you are working with.

For exploiting
To exploit a machine, we need to:

• Use a specific exploit (msf> use exploit/multi/samba/usermap_script)
• For that exploit, set a specific payload (search payload)
• Set RHOST to the IP address of the target (victim)
• Set RPORT of the target
• Set LHOST to the IP address of the attacker
• Exploit
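
A pre-launch check for the steps above, as an added example that is not part of the original slides or of Metasploit itself: it reads the console commands as they would be typed and reports unset variables, invalid ports, and an RHOST outside the authorised lab range. The function names, the lab range, and the addresses and port values in the sample plans are assumptions constructed for illustration.

```ruby
require 'ipaddr'

# The four variables from the SET slide. Requiring all of them explicitly,
# and a literal IP in RHOST, is this example's policy, not a Metasploit rule.
REQUIRED = %w[RHOST RPORT LHOST LPORT].freeze

# Check the option set at the point where "exploit" is typed.
def check_options(opts, scope, line_no)
  out = (REQUIRED - opts.keys).map { |k| "line #{line_no}: #{k} is not set" }
  %w[RPORT LPORT].each do |k|
    next unless (v = opts[k])
    ok = v.match?(/\A\d+\z/) && v.to_i.between?(1, 65_535)
    out << "line #{line_no}: #{k}=#{v} is not a valid port" unless ok
  end
  if (rhost = opts['RHOST'])
    begin
      ip = IPAddr.new(rhost)
      in_scope = scope.any? { |net| net.include?(ip) }
      out << "line #{line_no}: RHOST #{rhost} is outside the authorised scope" unless in_scope
    rescue IPAddr::Error
      out << "line #{line_no}: RHOST #{rhost} is not an IP address"
    end
  end
  out
end

# Return a list of problems for console lines (use / set NAME value / exploit).
def lint_console_plan(text, scope_cidrs)
  scope = scope_cidrs.map { |c| IPAddr.new(c) }
  problems = []
  opts = {}
  text.each_line.with_index(1) do |raw, n|
    cmd, name, value = raw.strip.split(/\s+/, 3)
    case cmd&.downcase
    when 'use' then opts = {} # model: options belong to the selected module
    when 'set' then opts[name.upcase] = value if name && value
    when 'exploit' then problems.concat(check_options(opts, scope, n))
    end
  end
  problems
end

# Constructed sample input: documentation-range addresses, made-up lab scope.
LAB_SCOPE = ['192.0.2.0/24'].freeze
GOOD_PLAN = "use exploit/multi/samba/usermap_script\nset RHOST 192.0.2.10\n" \
            "set RPORT 139\nset LHOST 192.0.2.5\nset LPORT 4444\nexploit\n"
BAD_PLAN = "use exploit/multi/samba/usermap_script\nset RHOST 198.51.100.7\n" \
           "set RPORT 139\nset LPORT 70000\nexploit\n"
puts lint_console_plan(BAD_PLAN, LAB_SCOPE)
```

An empty result means every exploit line in the plan had all four variables set, valid ports, and a target inside the listed lab range.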

Setup
Link to set up machines
• https://hackwithbkob.wordpress.com/2019/12/20/tools-to-set-up-hacking-lab-at-home-environment/
