Part 2 - Explore Metasploit Structure
Video Activity
In this video we discuss the basic structure of Metasploit by examining some key folders: Tools folder Database folder - for saving info. Scripts folder Plugins folder Modules folder - for attacks, exploits, and payloads Lib folder - for developers to extend the product
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *
or
Already have an account? Sign In »
Video Description
In this video we discuss the basic structure of Metasploit by examining some key folders:
-
Tools folder
-
Database folder - for saving info.
-
Scripts folder
-
Plugins folder
-
Modules folder - for attacks, exploits, and payloads
-
Lib folder - for developers to extend the product
Video Transcription
00:03
>> Then finally finished.
00:03
>> One of the first thing we want to
00:03
>> do is have a look at the folder structure and
00:03
the architecture of Metasploit
00:03
itself just to give you an idea of
00:03
what directories and structures
00:03
are part of the framework itself.
00:03
I'll make this a little bit bigger.
00:03
We're going to go to users share, Metasploit framework.
00:03
Sorry, I skipped past it there.
00:03
My window is scrolling strangely, sorry about that.
00:03
A little bit of a problem there.
00:03
Probably it's just easier to start typing.
00:03
There we go. Metasploit Framework.
00:03
You can see I've got several different folders here.
00:03
I've got my app folder,
00:03
which has a lot of pieces of
00:03
the tools and framework that we'll look at later.
00:03
Database folder where, of course,
00:03
we have our database that we'll be
00:03
using to capture information and to save information.
00:03
There's also folders for your scripts
00:03
and different plug-ins as well
00:03
as several of the actual scripts
00:03
that we run to use the tool itself.
00:03
The modules folder has just what it sounds like,
00:03
all of the modules that we'll be using for
00:03
our various attacks and pen testing activity.
00:03
We have things like different exploits
00:03
based on different file, different operating systems.
00:03
As you can see, we've got
00:03
a folder with all the possible payloads.
00:03
We'll talk about what singles
00:03
and what stages are here in just a moment.
00:03
There's also a post exploitation components
00:03
>> and modules.
00:03
>> We'll see what that looks like at
00:03
some point in the course,
00:03
and then we have plug-ins.
00:03
There's lots of different possibilities there.
00:03
But your Lib folder is the basic,
00:03
all the libraries that the
00:03
product is actually built from.
00:03
If you're extending it or if you were doing
00:03
certain contributions to the framework,
00:03
you'd be more familiar with these from a programmer,
00:03
developer type of view.
00:03
A little bit more about modules.
00:03
The primary tree for
00:03
modules is the folder that we looked at earlier.
00:03
We have to remember what exploits do.
00:03
Some modules use exploits.
00:03
In the case of the Metasploitable system
00:03
that we'll be doing a lot of our work against,
00:03
working primarily from this Linux folder and all of
00:03
these different categories of exploits.
00:03
Some exploits will involve some, but for instance,
00:03
or some might involve something to do FTP.
00:03
We've got a lot of different choices.
00:03
Depending on what tools you're using,
00:03
whether it's command line-based or GUI based,
00:03
you'll get different ways to view
00:03
all the different possibilities.
00:03
We also have payloads.
00:03
The payload [NOISE] is
00:03
the actual code that you deliver to the remote system.
00:03
Frequently, we'll try to get a Meterpreter shell,
00:03
or some other system command shell.
00:03
Because once you get that access,
00:03
you can do a lot more work.
00:03
We'll get to see some of the tactics and techniques
00:03
>> involved in gathering additional information,
00:03
>> trying to exploit known vulnerabilities
00:03
based on the results of scans.
00:03
A NOP as a no operation instruction,
00:03
which is used to pad
00:03
your payloads to make sure that they are sized
00:03
appropriately so that if you're having any triggers
00:03
>> based on different size files on the remote system,
00:03
>> you can try to size them
00:03
exactly right so that it doesn't become suspicious.
00:03
Also, we have the concept of the encoder.
00:03
What the encoders do is allow you to
00:03
generate payload objects or
00:03
generate objects that have payloads embedded in them,
00:03
and to encode them in such a way as
00:03
to try to bypass the antivirus.
00:03
We'll look at some examples of how
00:03
that works and some of the settings you can
00:03
use to customize your payload to make sure that it
00:03
tries to slip under the radar of
00:03
the defenses of the pen testing target.
Up Next
Similar Content
