Using the Metasploit Framework
Welcome to the Using the Metasploit Framework Practice Lab. In this module, you will be provided with the instructions and devices needed to develop your hands-on skills.
Already have an account? Sign In »
Introduction
Welcome to the Using the Metasploit Framework Practice Lab. In this module, you will be provided with the instructions and devices needed to develop your hands-on skills.
Learning Outcomes
In this module, you will complete the following exercises:
- Exercise 1 - Using the Metasploit Framework
- Exercise 2 - Setting Module Options
- Exercise 3 - Using Payloads
- Exercise 4 - Creating Standalone Payloads with Msfvenom
After completing this lab, you will be able to:
- Switch Off the Windows Firewall on PLABWIN810
- Start Metasploit
- Find Metasploit Modules
- Use the Modules Database
- Set Module Options
- Find Compatible Payloads
- Explain the types of Shell Targets
- Choose a Payload
- Share the Payload with the Victim
- Use the Multi/handler Module and Exploit the System
Exam Objectives
The following exam objectives are covered in this lab:
- PT0-001: 4.2 Compare and contrast various use cases of tools
- PT0-001: 2.1 Given a scenario, conduct information gathering using appropriate techniques
Lab Duration
It will take approximately 1 hour to complete this lab.
Exercise 1- Using the Metasploit Framework
Metasploit framework is the most widely used tool in exploiting vulnerabilities. A free edition is available in Kali Linux. Metasploit has a modular and flexible architecture that helps you develop new exploits as more and more vulnerabilities are discovered. On the other hand, it is also used in penetration testing.
You can use the Metasploit framework with or without a database. If you configure it with the database, then Metasploit will be able to track what you do within the framework.
In this exercise, you will learn about using the Metasploit framework.
Learning Outcomes
After completing this exercise, you will be able to:
- Switch Off the Windows Firewall on PLABWIN810
- Start Metasploit
- Find Metasploit Modules
- Use the Modules Database
Exercise 2 - Setting the Module Options
The resources that should be made available to the pentester are dependent on the scope of penetration testing. There can be a variety of resources that can be made available to the pentester if they fit into the scope of penetration testing.
In this exercise, you will learn about penetration testing resources and requirements.
Learning Outcomes
After completing this exercise, you will be able to:
- Set the Module Options
Exercise 3 - Using Payloads
After the exploit executes on the target, you need to tell it the action it needs to perform. This is done by loading the payload, which is designed to perform specific tasks.
In this exercise, you will learn about using payloads.
Learning Outcomes
After completing this exercise, you will be able to:
- Find Compatible Payloads
- Explain the Types of Shells
Exercise 4 - Creating Standalone Payloads with Msfvenom
Msfvenom is a combination of two different tools, Msfpayload and Msfencode, which are part of Kali Linux. The functionality of both the tools was later combined into this single tool named Msfvenom. However, both the tools, Msfpayload, and Msfencode, still exist in Kali Linux as independent tools. Msfvenom is designed to create standalone payloads.
To use this tool, you do not need to invoke the Metasploit framework, and it can work directly from the command prompt in Kali Linux.
In this exercise, you will learn about creating standalone payloads with Msfvenom.
Learning Outcomes
After completing this exercise, you will be able to:
- Choose a Payload
- Share the Payload with the Victim
- Use the Multi/handler Module and Exploit the System
See the full benefits of our immersive learning experience with interactive courses and guided career paths.