5 Elements to Explore in Metasploit Basics

July 9, 2015


Hi once again,

In this security article, I’ll introduce the Metasploit Framework.

We’ll cover the following topics (there are many more, which we’ll cover in my next article):

  1. What is Metasploit?
  2. What Can We Do with It?
  3. Understanding Metasploit
  4. CLI Commands and Exploit Attacks
  5. Armitage

1. What is Metasploit?

Metasploit is software that works with hardware to find vulnerabilities and helps us identify the kinds of machines our victim/target is using (to attack it better or to defend it better). We must know what they’re running to know what we’re supposed to do. Metasploit facilitates our work with a CLI (command-line interface) and also offers a GUI (graphical user interface, i.e. Armitage).

Image: Metasploit terminal

2. What Can We Do with It?

New exploits can be developed for Metasploit, and the framework itself can be extended. The tool comes with various types of exploits for different operating systems (Mac, Linux, Windows, and more). Different kinds of exploits generate different amounts of noise.

Metasploit can be run in msfconsole (CLI) and Armitage (GUI).

Normally, Windows can be exploited over SMB, and we’ll talk about that next. These attacks take advantage of unnecessarily open ports or backdoors, pass-the-hash, and other methods. Others use rdesktop (remote desktop), Windows information/data transfer, and many more.

Metasploit comes with SET (the Social Engineering Toolkit). SET incorporates many useful social engineering attacks in one interface. Its main purpose is to automate and improve on many of the social engineering attacks out there. It can automatically generate exploit-hiding web pages and email messages, use Metasploit payloads, and perform other tasks that we’ll highlight next.

3. Understanding Metasploit

There are some small things we should know before getting started with Metasploit, including:

  • PostgreSQL
  • Metasploit local service
  • Configuration and uses
  • Exploits

We discussed how Metasploit can be started both ways (CLI and GUI). Before Metasploit starts, we need to start its supporting services and load our configuration and exploits. The database service is started by typing service postgresql start in a terminal, and the Metasploit service is started by typing service metasploit start.

Note: Leave them running in that window and open a new window for the Metasploit console. Clicking on the terminal icon opens a new instance; type ‘msfconsole’ there to open the console.

4. CLI

After we have started the services and run the console, we have a list of default exploits to use. As for SET, it also contains many methods to take over several things, including tabnabbing, site cloning, key tracing, etc. I’ll explain them in detail in the next part.

Commands

To get started, we need to stick with commands in the command-line interface. To select targets and set ports, the RHOST and RPORT options are used. We can see our target configuration by typing show options; this gives you information about your configuration and attack progress.

Note: Not all of the images are mine; some are included to help you understand more clearly.

We can set our RHOST by typing set RHOST 192.168.xx.xx (the target’s address) in the terminal. In the same way, we can set our RPORT.

After setting the target, we can see the attack vector information by again typing “show options”. We can search for and check exploits by typing “search (exploit name)” and can select one by typing “use (exploit name)”, for example.

Practically, we have Windows XP here and port 445 is open. We can use an SMB exploit for Windows XP to get remote desktop access and take over everything there, over the LAN or by IP. We can do this both ways…

We can check whether our exploit applies to the target by typing check once the exploit is selected. If the result is positive, we can run it by typing exploit and access our target.
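The show options table described above is easy to read by eye but easy to get wrong in a hurry; the usual slip is typing exploit while a required option such as RHOST is still empty. Below is an added example (my own code, not from the original article or from the Metasploit project) that parses a constructed copy of the show options output and lists every required option that still has no value. The sample text, the module path exploit/example/placeholder_module and the payload path generic/placeholder_payload are made up for this example; real modules print the same table layout. Newer Metasploit releases name the target option RHOSTS rather than RHOST, which makes no difference to the parser.

```python
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Constructed sample of what msfconsole prints for `show options`.
# The module and payload names are placeholders, not real Metasploit modules.
SAMPLE_SHOW_OPTIONS = """\
Module options (exploit/example/placeholder_module):

   Name       Current Setting  Required  Description
   ----       ---------------  --------  -----------
   RHOST                       yes       The target address
   RPORT      445              yes       The target port (TCP)
   SMBDomain  .                no        The Windows domain to use for authentication

Payload options (generic/placeholder_payload):

   Name   Current Setting  Required  Description
   ----   ---------------  --------  -----------
   LHOST                   yes       The listen address
   LPORT  4444             yes       The listen port

Exploit target:

   Id  Name
   --  ----
   0   Automatic Targeting
"""


@dataclass
class ModuleOption:
    section: str      # "module" or "payload"
    owner: str        # module or payload path from the section header
    name: str
    current: str      # "" when the option has not been set
    required: bool
    description: str


SECTION_RE = re.compile(r"^(Module|Payload) options \((?P<owner>[^)]+)\):\s*$")
HEADER_RE = re.compile(r"^\s+Name\s+Current Setting\s+Required\s+Description\s*$")


def _columns(header: str) -> Tuple[int, int, int, int]:
    """Column start offsets, read from the header line itself: msfconsole
    pads the Name column to the longest option name, so the offsets differ
    from table to table and cannot be hard-coded."""
    return (header.index("Name"), header.index("Current Setting"),
            header.index("Required"), header.index("Description"))


def parse_show_options(text: str) -> List[ModuleOption]:
    """Turn the text of `show options` into a list of ModuleOption rows."""
    options: List[ModuleOption] = []
    section = owner = ""
    cols: Optional[Tuple[int, int, int, int]] = None
    for line in text.splitlines():
        if not line.strip():
            cols = None              # a blank line closes the current table
            continue
        m = SECTION_RE.match(line)
        if m:
            section, owner = m.group(1).lower(), m.group("owner")
            continue
        if HEADER_RE.match(line):
            cols = _columns(line)
            continue
        if cols is None or set(line.strip()) <= {"-", " "}:
            continue                 # outside a table, or the ---- ruler line
        n, c, r, d = cols
        options.append(ModuleOption(
            section=section,
            owner=owner,
            name=line[n:c].strip(),
            current=line[c:r].strip(),
            required=line[r:d].strip().lower() == "yes",
            description=line[d:].strip(),
        ))
    return options


def missing_required(options: List[ModuleOption]) -> List[str]:
    """Names of required options that still have no value. An empty list
    means the configuration is complete enough to move on to `check`."""
    return [o.name for o in options if o.required and not o.current]


if __name__ == "__main__":
    opts = parse_show_options(SAMPLE_SHOW_OPTIONS)
    for o in opts:
        print(f"{o.section:8} {o.name:10} {o.current or '<unset>':10} required={o.required}")
    print("still missing:", missing_required(opts))
```

On the constructed sample the script reports RHOST and LHOST as missing: the target address was never set, and the payload's listener address was never set either. That second one is the easy one to forget, because it lives in the payload table rather than the module table, which is why the parser reads both sections.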

 

5. Armitage

Armitage is a GUI version of the Metasploit Framework. We can try almost every kind of attack available just by clicking. Armitage is built on Java and is a bit slower than the CLI. Adding host and configuration info is just a matter of clicking.

We can figure out what OS is running and exploit it accordingly.

In the next chapter, we’ll learn:

  • SMB Exploitations
  • Custom Exploits
  • Passing the Hash
  • Payloads
  • Meterpreter

I hope to explain these topics in a video.

 

Thanks for now and stay tuned!

— Multi Thinker

44 Comments
  1. good basic overview. thanks!

  2. Nice article
