Project Toolkit 004: Metasploit Framework

if I have it in my database I will exploit it

Hey all, Today I will be talking about Metasploit Framework. The Metasploit Framework is a modular, Ruby-based penetration testing platform that lets you write, test, and run exploit code. You may use the Metasploit Framework to test security vulnerabilities, enumerate networks, execute attacks, and elude detection. The Metasploit Framework is, at its core, a collection of widely used tools that provide a full environment for penetration testing and exploit creation.

The Metasploit framework is a sophisticated tool that can be used by both cybercriminals and ethical hackers to investigate network and server vulnerabilities. It’s easy to customize and use with most operating systems because it’s an open-source framework.

Installing Metasploit Framework

Installing the Metasploit Framework on Unix

Extracting the tarball, shifting into the generated directory, and running your favorite user interface are all it takes to install the Framework. We strongly advise you to use a version of the Ruby interpreter that includes support for the GNU ReadiLine library. If you’re running Mac OS X 10.5.1 or earlier, you’ll need to install GNU ReadiLine first, then recompile the Ruby interpreter. The console interface can be tab completed if you use a version of Ruby that supports ReadiLine. For regular use, the msfconsole user interface is preferred, however the msfweb user interface might be handy for live demos.

Installing the Metasploit Framework on Windows

On the Windows platform, the Metasploit Framework is fully supported.

http://framework.metasploit.com/ — Download Link

Download the newest version and do an online update

After you download the installer, locate the file, and double-click the installer icon to start the installation process.

When the Setup screen appears, click Next to continue.

Read the license agreement and select the I accept the license agreement option. Click Next to continue.

Browse to the location where you want to install the Metasploit Framework.

By default, the framework is installed on the C:\ Metasploit-framework directory.

Click Next to continue.

Click Install.

The installation process can take 5–10 minutes to complete. When the installation completes, click the Finish button.

To launch msfconsole after the installation completes, run the following from the command line

Installing the Metasploit Framework on Linux

Open the terminal.

Enter the following command to add the build repository and install the Metasploit Framework package:

After the installation completes, open a terminal window, and type the following to start msfconsole

The prompt asks you if you want to use and set up a new database. Type y or yes to run the initial configuration script to create the initial database

If all goes well, the console starts and displays the following

To check to see if the database was set up, run the following command:

If the Metasploit Framework successfully connected to the database, the following status displays:

Interfaces in Metasploit Framework

1. The Console Interface

After you’ve installed the Framework, double-check that everything is operating as it should. The msfconsole user interface is the simplest way to do this. If you’re using Windows, open the msfgui interface and go to the Window menu and select the Console link.

2. The GUI Interface

The msfgui interface debuted in version 3.1, and it has many new capabilities in addition to the functionality of msfconsole. Select the Console option from the Window menu to enter a msfconsole shell. Enter a string or regular expression in the search field and hit the Find button to find a module within the module tree.

3. The Command Line Interface

If you want to automate exploit testing or just don’t want to use an interactive interface, msfcli could be the answer. The first parameter in this interface is the module name, followed by the options in VAR=VAL format.

4. The Web Interface

The msfweb interface is based on Ruby on Rails. Start the server with msfweb to have access to this interface. The WEBrick web server is used by the msfweb interface to handle requests. By default, msfweb listens on port 55555 on the loopback address (127.0.0.1). A log message indicating that the service has begun should be displayed.

How to Get Metasploit Framework?

Metasploit can be downloaded from the Rapid7 website using open-source installers. In addition to the most recent versions of Chrome, Firefox, and Explorer. The following are the minimal system requirements:

· Operating Systems:

  • Ubuntu Linux 14.04 or 16.04 LTS (recommended)
  • Windows Server 2008 or 2012 R2
  • Windows 7 SP1+, 8.1, or 10
  • Red Hat Enterprise Linux Server 5.10, 6.5, 7.1, or later

· Hardware:

  • 2 GHz+ processor
  • Minimum 4 GB RAM, but 8 GB is recommended
  • Minimum 1 GB disk space, but 50 GB is recommended

Before you begin, make sure your device is free of antivirus and firewall software, and that you have administrative capabilities. When you install the framework, the installer is a self-contained entity that is set up for you. If you need to configure specific dependencies, you can also use the manual installation option. The Metasploit Pro edition is pre-installed with the Kali Linux distribution. The install shield wizard will be used for Windows users.

After installation, upon startup, you’ll be faced with these choices:

  • Creating database at /Users/joesmith/.msf4/db
  • Starting Postgresql
  • Creating database users
  • Creating an initial database schema

For what this Metasploit Framework use ?

It’s an essential tool for discovering hidden vulnerabilities using a variety of tools and utilities. Metasploit allows you to put yourself in the mind of a hacker and utilize their methods to probe and infiltrate networks and services.

Core components of the Metasploitable Framework

Finding Modules

The Metasploit Framework’s fundamental components are modules. A module is a component of software capable of carrying out a certain task, such as scanning or exploiting. Each task that the Metasploit Framework may do is defined by a module. There are a few types of modules. The module type depends on the purpose of the module and the type of action that the module performs.

  • Exploit
  • Auxiliary
  • Post-Exploitation
  • Payload
  • NOP generator

Datastore

The Metasploit Framework’s datastore is an essential component. The datastore is a table of named values that allows you to customize the behavior of Metasploit Framework components. The datastore allows interfaces to set parameters, payloads to patch opcodes, and exploits to specify parameters. The datastore also makes it possible for the Metasploit Framework to pass settings across modules internally.

  • Global datastore
  • Module datastore
  • Saved datastore

Metasploit Architecture

Advanced Features

This section goes over some of the more sophisticated features in this edition. These functionalities can be used in any compatible exploit, emphasizing the value of using an exploit framework to write attack code.

1. The Meterpreter

  • The Meterpreter is an advanced multi-function payload that can be dynamically expanded at any moment during operation.

2. PassiveX Payloads

  • Any ActiveX controls can be loaded into a target process using the Metasploit Framework. This feature operates by modifying the target system’s registry and causing the attacked process to open Internet Explorer with a URL that points back to the Framework.

3. Chainable Proxies

  • TCP proxies are transparently supported by the Framework, and handler functions for HTTP CONNECT and SOCKSv4 servers are included in this release. The Proxies environment variable must be set in order to use a proxy with a specific exploit. This variable’s value is a comma-separated list of proxy servers, with each server’s type:host:port format.

4. Win32 UploadExec Payloads

5. Win32 DLL Injection Payloads

6. VNC Server DLL Injection

We’ve reached the conclusion of today’s session. I hope you enjoy reading it as much as I liked writing it. The tool is described in detail in this article. Now that you’ve been exposed to this technology, you may utilize your newfound knowledge to begin learning more about it.

“When solving problems, dig at the roots instead of just hacking at the leaves.”

Stay home, stay safe!

Written by Osuni Abeywickrama — 2nd Year 2nd Semester -Cyber Security Student-SLIIT

First they begin with Us..