Introduction to Metasploit

Metasploit Overview

The Metasploit Framework, MSF is a framework, a collection of programs and tools for penetration testing networks. Metasploit has a collection of exploits, payloads, libraries and interfaces that can be used to exploit computers. You can find a great description of the architecture here: http://www.offensive-security.com/metasploit-unleashed/Metasploit_Architechture . Metasploit is included in the BackTrack5 Linux distribution that is recommended for this class, but you can also easily download and install it into any flavor of Linux.

Metasploit has a large collection of exploits and payloads and the tools to package and deliver them to a targeted host computer. Metasploit allows you to choose an exploit from its library, choose a payload, configure the target addressing, the target port numbers, and other options, and the framework will package it all together together, and launch it across the network to a targeted system. Metasploit is extremely flexible and can assist in the testing and development of exploits. Written in the Ruby programming language, Metasploit also allows the user to write his own exploits and payloads and include them within the framework. Metasploit is cross platform and can run on Linux, MAC OS, and Windows and has exploits and payloads targeting all three as well.

Meterpreter – One of the more powerful payloads is the Metasploit Interpreter or Meterpreter. Meterpreter allows the user to have command line access to the targeted machine without running a cmd.exe process, it runs completely in memory through the exploited process. There is a great article about Meterpreter and how it works here: About Meterpreter . By running Meterpreter on a compromised machine the user wields an incredible amount of system access and control.

Download – You can download Metasploit here: http://metasploit.com/ and there is a great free reference for learning Metasploit here: http://www.offensive-security.com/metasploit-unleashed/Metasploit_Unleashed_Information_Security_Training.

 

Metasploit Basics

Metasploit has many user interfaces including: msfcli, msfconsole, msfweb (deprecated) and msfgui (new). The main tool for accessing Metasploit is the msfconsole. Msfconsole is a console based interface that provides easy functionality, tab completion, and access to external system commands; it is the most stable Metasploit interface with access to more tools and features than the other interfaces. You can launch the Metasploit msfconsole with the following terminal command:

#msfconsole

Note: depending on the speed of your computer the console may take a minute to initialize and start up completely.

msfconsole

Once Metasploit and the msfconsole has completed starting up, you should see the “msf >” command prompt. For command help, you can type “help” or a “?”. Below is a list of the common msfconsole commands to begin pentesting. The help command provides a list of available commands. The “search” command can search for an exploit, and the entire library of scripts etc., by name. The “show exploits” and “show payloads” command will output a complete list of Metasploit’s library of exploits and payloads.

 

Commands

msf > help
msf > search <search term>
msf > show exploits
msf > use <path to exploit>           //as indicated by the show exploits command
msf exploit(exploit name) >          //the command prompt displays the loaded exploit  
msf exploit(exploit name) > show payloads
msf exploit(exploit name) > set PAYLOAD <path to payload>          //as indicated by the show payloads command
msf exploit(exploit name) > show options

Based on the output of the show options command you will need to input some options. Some of the options will have default settings already configured. RHOST and RPORT stands for remote host (target computer) and remote port and LHOST and LPORT stand for local host (your computer) and local port.

msf exploit(exploit name) > set RHOST <ip address>
msf exploit(exploit name) > set RPORT <port number>
msf exploit(exploit name) > set LHOST <ip address>
msf exploit(exploit name) > set LPORT <port number>
msf exploit(exploit name) > exploit          //launches the exploit

 

Metasploit exercise >

Author: Dan

Dan teaches computer networking and security classes at Central Oregon Community College.

Leave a Reply

Your email address will not be published. Required fields are marked *