Metasploit - Basic Terminology and Modules

 The Metasploit Project is a penetration testing framework and open-source project that provides a public resource for researching security vulnerabilities and developing code that allows a network administrator to break into their own network, identify security risks, and document which vulnerabilities need to be addressed first. Metasploit was originally conceived and developed by HD Moore while he was employed by a security firm. When Moore realized that he was spending most of his time validating and sanitizing public exploit code, he began to create a flexible and maintainable framework for the creation and development of exploits. He released the first edition of the Perl-based Metasploit in October 2003 with a total of 11 exploits. The project was later acquired by Rapid7, which still provides a community edition that is completely free to use.



Basic Terminology

 • Vulnerability - A weakness which allows an attacker to break into or compromise a system's security.

 • Exploit - The code which allows an attacker to take advantage of a vulnerable system.

 • Payload - The code which runs on the system after exploitation.

 • Modules - A prepackaged collection of code from the Metasploit Framework that performs a specific task, such as running a scan or launching an exploit.

 • Listener - A listener waits for an incoming connection from either the exploited target or the attacking machine and manages the connection when it receives it.

 • Meterpreter - Meterpreter is an advanced multi-function payload that provides you with an interactive shell. From the Meterpreter shell, you can do things like download a file, obtain the password hashes for user accounts, and pivot into other networks. Meterpreter runs in memory, so it is undetectable by most intrusion detection systems.

 • Auxiliary Module - An auxiliary module does not execute a payload; it performs arbitrary actions that may not be related to exploitation. Examples of auxiliary modules include scanners, fuzzers, and denial of service attacks.

 • LHOST - The local host: the IP address you want your target machine to connect back to. If you are on a private local area network, the target machine is unlikely to be able to reach that address unless both machines are on the same network.

 • LPORT - The local port: the port on your machine that you want the target machine to connect to.

Metasploit Modules

A module can be an exploit, auxiliary or post-exploitation module. The module type determines its purpose. For example, any module that can open a shell on a target is considered an exploit module.

Exploits-

 An exploit module executes a sequence of commands to target a specific vulnerability found in a system or application. An exploit module takes advantage of a vulnerability to provide access to the target system. Exploit modules include buffer overflow, code injection, and web application exploits. 

Payloads-

 A payload is the shellcode that runs after an exploit successfully compromises a system. The payload enables you to define how you want to connect to the shell and what you want to do to the target system after you take control of it. A payload can open a Meterpreter or command shell. Meterpreter is an advanced payload that allows you to write DLL files to dynamically create new features as you need them.

Auxiliary-

An auxiliary module does not execute a payload and performs arbitrary actions that may not be related to exploitation. Examples of auxiliary modules include scanners, fuzzers, and denial of service attacks. 

Encoders- 

The encoder modules are designed to re-encode payloads and exploits to enable them to get past security defense systems such as antivirus and intrusion detection systems (IDS).

Post Exploitation- 

These are modules that are used after the exploitation of a system. These modules are often used after the system has been “owned” and has the Meterpreter running on the system. These can include such modules as keyloggers, privilege escalation, enabling the webcam or microphone, etc.

NOPs- 

A NOP is short for "no operation". It causes the system's CPU to do nothing for a clock cycle. Often, NOPs are essential for getting a system to run remote code after a buffer overflow exploit; a long run of them is referred to as a "NOP sled". These modules are used primarily to create NOP sleds.
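Because a NOP sled is a long run of identical 0x90 bytes, it is also one of the oldest patterns an IDS looks for in traffic. The following is an added example, not code from the page or from the Metasploit Framework: a simple detection heuristic that reports the longest 0x90 run in a buffer and flags it above a threshold (the threshold and the sample buffer are constructed for illustration).

```python
"""Flag NOP-sled-like byte runs in a binary buffer (IDS-style heuristic).

Added example, not part of the Metasploit page or framework. Short runs of
0x90 occur legitimately in compiled code (alignment padding), which is why a
minimum run length is used rather than flagging any NOP at all.
"""

X86_NOP = 0x90  # single-byte x86 "no operation" opcode


def find_byte_runs(buf: bytes, value: int, min_len: int) -> list[tuple[int, int]]:
    """Return (offset, length) for every run of `value` at least `min_len` long."""
    runs = []
    start = None
    for i, b in enumerate(buf):
        if b == value:
            if start is None:
                start = i
        elif start is not None:
            if i - start >= min_len:
                runs.append((start, i - start))
            start = None
    # Close a run that extends to the end of the buffer.
    if start is not None and len(buf) - start >= min_len:
        runs.append((start, len(buf) - start))
    return runs


def flag_nop_sled(buf: bytes, min_len: int = 32) -> dict:
    """Report the longest 0x90 run and whether it meets the sled threshold."""
    runs = find_byte_runs(buf, X86_NOP, 1)
    longest = max(runs, key=lambda r: r[1], default=(0, 0))
    return {"offset": longest[0], "length": longest[1],
            "suspicious": longest[1] >= min_len}


# Constructed sample: 16 bytes of ordinary data, a 64-byte NOP sled, 8 trailing bytes.
SAMPLE = bytes(range(16)) + bytes([X86_NOP]) * 64 + bytes(range(0x41, 0x49))

if __name__ == "__main__":
    print(flag_nop_sled(SAMPLE))  # {'offset': 16, 'length': 64, 'suspicious': True}
```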


Why we use Metasploit

 Metasploit isn't just a tool; it's an entire framework that provides the infrastructure needed to easily build attack vectors and to augment its exploits, payloads, encoders and more in order to create and execute more advanced attacks. Given below are some of the advantages of Metasploit.

• Open source

• More than 1600 tested exploits

• Over 450 payloads

• Over 40 encoders

• 1000+ auxiliary modules

• GUI environment

• Plug-and-play exploits
