By: Multi Thinker
July 9, 2015

5 Elements to Explore in Metasploit Basics

Hi once again,

In this security article, I'll define the framework of Metasploit. We'll cover the following topics (there are many more of them, and we'll cover them in my next article):
  1. What is Metasploit?
  2. What Can We Do with It?
  3. Understanding Metasploit
  4. CLI Commands and Exploit Attacks
  5. Armitage

1. What is Metasploit?

Metasploit is software that works with hardware to find additional vulnerabilities and helps us figure out what kinds of machines our victim/target is using (to attack it better or to defend it better). We must know what they're using to know what we're supposed to do. Metasploit facilitates our work with a CLI (Command Line Interface) and also offers a GUI (Graphical User Interface, i.e., Armitage).

(Image: Metasploit terminal)

2. What Can We Do with It?

Metasploit exploits can be developed and Metasploit itself can be extended. The tool comes with various types of exploits for different operating systems (Mac, Linux, Windows, and more). Different kinds of exploits can create different kinds of noise.


Metasploit can be run in msfconsole (CLI) and Armitage (GUI).


Normally, Windows can be exploited over SMB, and we'll talk about that next. These attacks take advantage of unnecessarily opened ports or backdoors, pass the hash, and other methods.

Other examples are rdesktop (remote desktop), Windows information and data transfer, and many more.

Metasploit comes with SET (the Social Engineering Toolkit). The Social Engineering Toolkit incorporates many useful social engineering attacks in one interface. The main purpose of SET is to automate and improve on many of the social engineering attacks out there. It can automatically generate exploit-hiding web pages and email messages. It can use Metasploit payloads and perform many other tasks that we'll highlight next.


3. Understanding Metasploit

There are some small things we should know before getting started with Metasploit, including:

  • PostgreSQL
  • The Metasploit local service
  • Configuration and uses
  • Exploits

We discussed how Metasploit can be started both ways (CLI and GUI). Before Metasploit starts, we need to start the services it depends on and load our configuration and exploits. The database service can be started by typing "service postgresql start" in a terminal, and the Metasploit service can be started by typing "service metasploit start".

Note: Leave them running in that window and open a new window for the Metasploit console. Clicking the terminal opens a new instance; type "msfconsole" there to open the console.


4. CLI

After we've started the services and run the console, we have a list of default exploits to use. As for SET, it also contains many methods to take over several items, including tab nabbing, site cloning, key tracing, etc. I'll clarify them in detail in the next part.


Commands

To get started, we need to stick with commands in the command line interface. To select the target and set the port, the RHOST and RPORT options are used. We can see our target configuration by typing "show options"; this gives you information about your configuration and attack progress.

Note: Not all of the images are mine; some are included to help you understand more clearly.


We can set our RHOST by typing "set RHOST 192.168.xx.xx" (any target address) in the terminal. In the same way, we can set our RPORT.

After setting the target, we can see the attack vector information by again typing "show options". We can search for and check exploits by typing "search (exploit name)" and select one by typing "use (exploit name)", for example.


In practice, we have Windows XP here and port 445 is open. We can use an SMB exploit for Windows XP to get remote desktop access and take over everything there, over the LAN or by IP. We can do this both ways...


We can check whether our exploit can be used against the target by typing "check (exploit name)". If the result is positive, we can run it by typing "exploit" and access our target.


5. Armitage

Armitage is the GUI version of the Metasploit Framework. We can try almost every kind of attack available just by clicking. Armitage is built on Java and is a bit slower than the CLI. Adding hosts and configuration info is just a matter of clicking.

We can figure out which OS is running and exploit it correspondingly. In the next chapter, we'll learn:
  • SMB Exploitations
  • Custom Exploits
  • Passing the Hash
  • Payloads
  • Meterpreter

I hope to explain these topics in a video. Thanks for now and stay tuned!

-- Multi Thinker