Part 5 - Metasploit Payloads & Stagers

Video Transcript

Let's learn a little bit more about what a payload is. When I say the word payload, all that really means to you is that it's a way to perform an exploit. It's an exploit module. That's the way to think about. That's the Metasploit terminology if you will.

‍

We have different types of modules. We have Singles, Stagers, and Stages. A Single module is one that's just stand alone. It's basically self-contained. It doesn't need any other components. But if we have a Stager, what that's doing is trying to stage a connection between the callee or your Metasploit instance and the victim machine. We think about it as a way to make the connection as part of the overall exploit.

‍

Lastly, we have Stages which are the pieces of the payload that are downloaded by the stagers themselves. If I'm building a network connection, reverse TCP, for instance, or a Meterpreter shell or HTTP connection. That's what the Stager does. What the Stages are, the individual pieces that are needed to build that connection up.

Intermediate

Course link:

Metasploit

Metasploit Framework is the most popular exploitation tool available for developing, testing, and performing exploits. This metasploit course will teach you to utilize the deep capabilities of Metasploit for penetration testing and help you to prepare to run vulnerability assessments for organizations of any size.

Instructed by

Instructor

Dean Pompilio

I have been an IT Professional since 1989, and I have worn many hats along the way... I acquired extensive knowledge of Systems Administration, Systems Engineering, Network Architecture, and IT Security.