[Part 1]$~Metasploit for Beginners

March 23, 2017

[Image: sLMInEU.png]

Hello, everyone! Let me first introduce myself. My name is Spirited Wolf and I love to share my knowledge with everyone and anyone who needs it. You can contact me on Cybrary or on my Facebook. Now, let’s get started.

What is Metasploit?

According to Wikipedia: “The Metasploit Project is a computer security project that provides information about security vulnerabilities and aids in penetration testing and IDS signature development.”

[Image: VfqUr28.png]

There are several interfaces for Metasploit available. The most popular are maintained by Rapid7 and Strategic Cyber LLC.

Metasploit Framework Edition

The free version. It contains a command line interface, third-party import, manual exploitation and manual brute forcing.

Metasploit Community Edition

In October 2011, Rapid7 released Metasploit Community Edition, a free, web-based user interface for Metasploit. Metasploit Community is based on the commercial functionality of the paid-for editions with a reduced set of features, including network discovery, module browsing, and manual exploitation. Metasploit Community is included in the main installer.

Metasploit Express 

In April 2010, Rapid7 released Metasploit Express, an open-core commercial edition for security teams who need to verify vulnerabilities. It offers a graphical user interface, integrates nmap for discovery, and adds smart brute forcing, as well as automated evidence collection.

Metasploit Pro 

In October 2010, Rapid7 added Metasploit Pro, an open-core commercial Metasploit edition for penetration testers. Metasploit Pro adds onto Metasploit Express with features such as Quick Start Wizards/MetaModules, building and managing social engineering campaigns, web application testing, an advanced Pro Console, dynamic payloads for anti-virus evasion, integration with Nexpose for ad-hoc vulnerability scans, and VPN pivoting.

Armitage 

Armitage is a graphical cyber attack management tool for the Metasploit Project that visualizes targets and recommends exploits. It is a free and open source network security tool notable for its contributions to red team collaboration allowing for shared sessions, data, and communication through a single Metasploit instance.

Cobalt Strike 

Cobalt Strike is a collection of threat emulation tools provided by Strategic Cyber LLC to work with the Metasploit Framework. Cobalt Strike includes all features of Armitage and adds post-exploitation tools in addition to report generation features.

How to Use Metasploit?

First of all, let’s start the Metasploit service.

Code:
applications > kali linux > system services > metasploit > start 

or

Code:
service metasploit start 

Run msfconsole

Just type msfconsole in your terminal:

Code:
sudo msfconsole 

You will then see something like this:

[Image: 8wDgOcs.png]

So, what is msfconsole?

->Msfconsole is the main interface to Metasploit. There are also GUI interfaces (Armitage) and a web interface (websploit). With msfconsole, you can launch exploits, create listeners, configure payloads, etc.

Quote:

Note: Metasploit has lots of great documentation built in. Type help to get a basic list of commands.

If you want to check which commands you can use, just type help or ? (a question mark, without quotation marks).

Example:

Code:

msf > help

Core Commands
=====================

Command       Description
-------       -----------
?             Help menu
advanced      Displays advanced options for one or more modules
back          Move back from the current context
banner        Display an awesome Metasploit banner
cd            Change the current working directory
color         Toggle color
connect       Communicate with a host
edit          Edit the current module with $VISUAL or $EDITOR
exit          Exit the console
get           Gets the value of a context-specific variable
getg          Gets the value of a global variable
grep          Grep the output of another command
help          Help menu
info          Displays information about one or more modules
irb           Drop into irb scripting mode
jobs          Displays and manages jobs
kill          Kill a job
load          Load a framework plugin
loadpath      Searches for and loads modules from a path
makerc        Save commands entered since starts to a file
options       Displays global options or for one or more modules
pushm         Pushes the active or list of modules onto the module stack
quit          Exit the console
reload_all    Reloads all modules from all defined module paths
rename_job    Rename a job
resource      Run the commands stored in a file
route         Route traffic through a session
save          Saves the active datastores
search        Searches module names and descriptions
sessions      Dump session listings and display information about sessions
set           Sets a context-specific variable to a value
setg          Sets a global variable to a value
show          Displays modules of a given type, or all modules
sleep         Do nothing for the specified number of seconds
spool         Write console output into a file as well the screen
threads       View and manipulate background threads
unload        Unload a framework plugin
unset         Unsets one or more context-specific variables
unsetg        Unsets one or more global variables
use           Selects a module by name
version       Show the framework and console library version numbers

Database Backend Commands
========================================

Command           Description
-------           -----------
creds             List all credentials in the database
db_connect        Connect to an existing database
db_disconnect     Disconnect from the current database instance
db_export         Export a file containing the contents of the database
db_nmap           Executes nmap and records the output automatically
db_rebuild_cache  Rebuilds the database-stored module cache
db_status         Show the current database status
hosts             List all hosts in the database
loot              List all loot in the database
notes             List all notes in the database
services          List all services in the database
vulns             List all vulnerabilities in the database
workspace         Switch between database workspaces

msf >

[Image: JK3dNQa.png]

Pick a vulnerability and use an exploit

->Once you know what system your remote host is running (using nmap, Lynis, Maltego, WPScan, etc.), you can pick an exploit from Metasploit to test. Rapid7 has an easy way to find exploits. You can also search for exploits from within msfconsole:

Example:

Code:
search type:exploit
search name:xxxx
search CVExxxxxx
search cve:2016
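How these keyword filters narrow a module list, as an added example that is not part of the original tutorial and is not Metasploit's own code: a simplified Ruby model of the search forms shown above, run over constructed placeholder modules. It assumes case-insensitive substring matching and that every term in a query must match; `parse_query`, `term_match?` and `search` are hypothetical names.

```ruby
# Simplified model of msfconsole keyword search; not Metasploit's own code.
# Module entries are constructed placeholders, not real modules or CVE ids.
Mod = Struct.new(:fullname, :type, :name, :refs)

MODULES = [
  Mod.new("exploit/example/demo_ftp_overflow", "exploit", "Demo FTP Overflow", ["CVE-2016-00001"]),
  Mod.new("auxiliary/example/demo_ftp_version", "auxiliary", "Demo FTP Version Scanner", []),
  Mod.new("exploit/example/demo_web_upload", "exploit", "Demo Web Upload", ["CVE-2015-00002"]),
  Mod.new("post/example/demo_enum", "post", "Demo Host Enumeration", ["CVE-2016-00003"])
].freeze

# Split "type:exploit cve:2016 demo" into [keyword, value] pairs.
# A term with no "keyword:" prefix is stored under :text.
def parse_query(query)
  query.split.map do |term|
    key, value = term.split(":", 2)
    value ? [key.downcase.to_sym, value.downcase] : [:text, key.downcase]
  end
end

# True when one [keyword, value] pair matches a module (case-insensitive).
def term_match?(mod, key, value)
  case key
  when :type then mod.type == value
  when :name then mod.name.downcase.include?(value)
  when :cve  then mod.refs.any? { |r| r.downcase.start_with?("cve-") && r.downcase.include?(value) }
  when :text then [mod.fullname, mod.name, *mod.refs].any? { |f| f.downcase.include?(value) }
  else false # keyword not modelled in this example
  end
end

# Every term must match (assumed AND semantics between terms).
def search(query, modules = MODULES)
  terms = parse_query(query)
  modules.select { |m| terms.all? { |k, v| term_match?(m, k, v) } }.map(&:fullname)
end

if __FILE__ == $PROGRAM_NAME
  ["type:exploit", "name:ftp", "CVE-2016-00003", "cve:2016", "type:exploit cve:2016"].each do |q|
    puts "search #{q}"
    search(q).each { |hit| puts "  #{hit}" }
  end
end
```

Combining filters, as in the last query, is what keeps a result list short enough to review by hand.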

Hope you liked my tutorial.

See you in my next tutorial, and if you want to check some of my other Metasploit tutorials then you can request more info in the comments, and/or check them on my channel.


Special thanks: CodeNinja, Th3_uNique, Bd_InjeCtor, Alteas, Repetence, Rootexploiter, IndiGear, Toni, msfanurag, msfsri, and Kishan

Thanks ✌  

11 Comments
  1. Thanks for this tutorial! Appreciate.
