
Metasploit: Metasploit Is An Exploitation Framework

Metasploit is an open-source penetration testing framework that can be used to test vulnerabilities, develop exploits, and engage in other hacking activities both offensively and defensively. It contains a large database of exploits and payloads that allow users to identify vulnerabilities and gain access to systems using the same techniques as malicious attackers. Metasploit is modular, supports many operating systems, and provides graphical and command line interfaces to simplify its use. It is commonly used by security professionals to identify vulnerabilities before criminals can exploit them.

Uploaded by

rock
Copyright
© Public Domain

METASPLOIT

If you read about cybersecurity, the most common news is of large organizations getting hacked day after day, with companies losing their data and their reputation too.
So, to prevent hacks that lead to a compromise of security, companies hire security professionals, or white hat hackers. What do they do?
Well, they hack into the company the same way a malicious attacker would, but at the end these hackers tell the developers or administrators exactly where the vulnerabilities occur and how to patch them.
This makes the company much more secure against hackers.
Now the question arises of how these hackers get into systems and perform their tasks. The answer is simple: they use a combination of manual testing and certain tools to exploit the vulnerabilities and gain access. One such tool is Metasploit, developed by Rapid7.
It can be downloaded from the Rapid7 website or from its GitHub repository.
Metasploit is an exploitation framework.

An exploitation framework is a group of tools and utilities put together to make exploit
development, system administration

Metasploit was originally written in Perl, but now it uses Ruby.

The most remarkable feature of Metasploit is that it can be used across platforms and operating systems such as Windows, Linux, etc.

An exploit means finding a vulnerability and taking advantage of it to gain access to a system. A system may be anything: a Windows machine, a Linux machine, an Android device, or even a website.
Metasploit started out as an open source project and there are 3 editions:
1. Metasploit Framework – the basic version; it uses only the command line and is free.
2. Metasploit Community Edition – for newbies; it has a graphical interface and is free.
3. Metasploit Pro – fully featured and paid; it also has a usability wizard and more productivity features.
Now a big question arises: why do we use this framework and not other tools? Because the Metasploit Framework is a Ruby-based, modular penetration testing platform that enables you to write, test, and execute exploit code. The Metasploit Framework contains a suite of tools that you can use to test security vulnerabilities, enumerate networks, execute attacks, and evade detection. At its core, the Metasploit Framework is a collection of commonly used tools that provide a complete environment for penetration testing and exploit development.
Also, after carrying out all the attacks, you can validate the bugs using Metasploit.
It also gives you the option of creating reports of all the vulnerabilities and the exploits that were used to gain access; this report can be shared with colleagues and the developer.
It is advised to install Metasploit on a virtual machine, as it might sometimes interfere with the firewall or the antivirus program running on the system.

Now let us come to the usage of the Metasploit Framework.


Metasploit can be accessed using the command line in a Linux terminal by typing the command “msfconsole”.
This is what the interface of Metasploit looks like. The tool is pretty easy to use; we just need to remember a few basic commands to run any exploit we want. You can run social engineering attacks such as phishing, or a reverse shell connection, with Metasploit.
Alternatively, you can use Meterpreter along with different payloads.
You can also test web applications.

The most used interface is MSF Console, while there are several other interfaces to the Metasploit Framework such as MSF CLI, MSF Web, etc.
Metasploit uses modules to carry out any task.
A module is a piece of software that the Metasploit Framework uses to perform a task, such as exploiting or scanning a target. A module can be an exploit module, auxiliary module, or post-exploitation module. A module search command can be used to find the required modules.

The first command we can use to get an overview of Metasploit is the “help” command. It lists the usage of all the other commands, and it is really helpful if you are new to Metasploit or do not know how to use it.
Metasploit has several exploits that can be used depending on the vulnerability.
There are several payloads available for an exploit for a vulnerability; a payload is something that is used in exploiting the vulnerability.
The exploit basically installs our created payload on the target computer or system. When the payload gets executed on the remote computer, it establishes a connection with our PC using any of the protocols such as TCP, UDP, HTTP, etc., and we have full access to the remote system: we can add, delete, view or modify anything we desire on the remote target system.
For example, if you try to use a reverse backdoor that grants access to a Windows computer, then the payload will be an .exe file; in the case of Android it would be an .apk file, and so on.
You just need to send these files to your target and let them execute the file on their system for a connection to be established over TCP (TCP is mostly used as it is a more reliable connection) or any other protocol, and then set up a listener on our side to receive the incoming connection from the target computer.
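From the defender's side, the pattern described above (a delivered file is run by the user and then connects back over TCP) can be hunted for in endpoint telemetry. The following is an added example, not part of the original document; the event tuples, internal address ranges, directory list and 60-second window are all constructed assumptions.

```python
from datetime import datetime, timedelta
from ipaddress import ip_address, ip_network

# Constructed sample telemetry (not from the original document), shaped as
# (timestamp, kind, pid, detail): "proc" = process start, "conn" = outbound TCP.
EVENTS = [
    ("2024-05-01T10:00:00", "proc", 4120, r"C:\Users\ana\Downloads\invoice.exe"),
    ("2024-05-01T10:00:04", "conn", 4120, "203.0.113.50:8443"),
    ("2024-05-01T10:01:00", "proc", 5200, r"C:\Program Files\Browser\browser.exe"),
    ("2024-05-01T10:01:02", "conn", 5200, "198.51.100.7:443"),
    ("2024-05-01T10:02:00", "proc", 6010, r"C:\Users\ana\AppData\Local\Temp\setup.exe"),
    ("2024-05-01T10:02:03", "conn", 6010, "10.0.0.15:8080"),
    ("2024-05-01T10:03:00", "proc", 7300, r"C:\Users\ana\Downloads\tool.exe"),
    ("2024-05-01T10:20:00", "conn", 7300, "203.0.113.9:80"),
]

# Assumption: directories a user can write to without admin rights.
USER_WRITABLE = ("\\downloads\\", "\\appdata\\", "\\temp\\")
# Assumption: the organisation's internal address ranges.
INTERNAL = [ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
WINDOW = timedelta(seconds=60)  # assumed correlation window


def find_callbacks(events):
    """Flag processes started from user-writable paths that open an outbound
    TCP connection to a non-internal address within WINDOW of starting."""
    started = {}    # pid -> (start time, image path)
    findings = []
    for ts, kind, pid, detail in sorted(events):
        when = datetime.fromisoformat(ts)
        if kind == "proc":
            if any(d in detail.lower() for d in USER_WRITABLE):
                started[pid] = (when, detail)
        elif kind == "conn" and pid in started:
            began, image = started[pid]
            addr = ip_address(detail.rsplit(":", 1)[0])
            external = not any(addr in net for net in INTERNAL)
            if external and when - began <= WINDOW:
                findings.append((image, detail))
    return findings


if __name__ == "__main__":
    for image, dest in find_callbacks(EVENTS):
        print(f"review: {image} connected to {dest} shortly after launch")
```

Only the first sample process is flagged: the browser runs from an installed path, the Temp installer talks to an internal host, and the last connection falls outside the window.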
This was just one type of attack that we can carry out using the Metasploit Framework.
We can do many more things, such as:
Social engineering: The main goal of social engineering is to get a target to perform some illicit action that enables you to either exploit their system or collect information from them.
Automating Tasks: Task chains enable you to automate and schedule the execution of a
series of preconfigured tasks. They are useful for automating repetitive tasks that you need
to perform regularly, such as scans and brute force attacks.

Working with Payloads: Metasploit has a large collection of payloads designed for all kinds
of scenarios. There are tons of payloads that are available in Metasploit, so it might be
overwhelming to figure out which payloads you can use for specific exploits. Luckily, you can
easily view the payloads that are supported for an exploit.

These were some of the cool things you can do in Metasploit, and there is much more. A penetration tester needs to explore all the available functionality of Metasploit and then use what is best for the exploit.

This was just a beginner's guide to Metasploit; further tutorials can be found on the Rapid7 website.

Authored by:
Anugrah Sharma