Part 5 - Metasploit Payloads & Stagers

Video Activity

This video delves into Metasploit payloads. It examines the components of a payload that is used to perform an exploit: Modules - single or stagers (multiple). Stagers - "stage" a connection between the Kali host and the target. Stages - pieces of a payload downloaded by a stager. Used to build up a the connection.

Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *
or
Sign up with Google
Sign up with Apple
Sign up with Microsoft
View all SSO options

Already have an account? Sign In »

Metasploit
Course
Time
5 hours 38 minutes
Difficulty
Intermediate
CEU/CPE
6
Video Description

This video delves into Metasploit payloads. It examines the components of a payload that is used to perform an exploit:

  • Modules - single or stagers (multiple).

  • Stagers - "stage" a connection between the Kali host and the target.

  • Stages - pieces of a payload downloaded by a stager. Used to build up a the connection.

Video Transcription
00:03
>> Let's learn a little bit more about what a payload is.
00:03
When I say the word payload, all that really
00:03
means to you is that it's a way to perform an exploit.
00:03
It's an exploit module.
00:03
>> That's the way to think about.
00:03
>> That's the Metasploit terminology if you will.
00:03
We have different types of modules.
00:03
We have Singles, Stagers, and Stages.
00:03
A Single module is one that's just stand alone.
00:03
It's basically self-contained.
00:03
It doesn't need any other components.
00:03
But if we have a Stager,
00:03
what that's doing is trying to
00:03
>> stage a connection between
00:03
>> the callee or your Metasploit instance
00:03
and the victim machine.
00:03
We think about it as a way to make
00:03
the connection as part of the overall exploit.
00:03
Lastly, we have Stages which are the pieces of
00:03
the payload that are
00:03
downloaded by the stagers themselves.
00:03
If I'm building a network connection, reverse TCP,
00:03
for instance, or a Meterpreter shell
00:03
>> or HTTP connection.
00:03
>> That's what the Stager does.
00:03
What the Stages are,
00:03
the individual pieces that are
00:03
needed to build that connection up.
Up Next
View All
Instructed By
Dean Pompilio

Dean Pompilio

CEO of SteppingStone Solutions

Instructor
Similar Content
Metasploitable
Assessment
Metasploitable
4
This assessment is designed to validate students understanding of the Metasploit framework. These challenges will ...
Metasploit Skill Assessment
Assessment
Metasploit Skill Assessment
One of the largest penetration tools out there, Metasploit is a penetration testing platform that ...
Advanced Penetration Testing
Course
Advanced Penetration Testing
4.14
The Advanced Penetration Testing course teaches the cyber attack lifecycle from the perspective of an ...
15CEUs