4. What is Metasploit?
• Metasploit is a penetration testing framework that makes exploitation
simple. It is an essential tool for many attackers and defenders. Point
Metasploit at your target, pick an exploit, choose the payload to drop, and
hit Enter.
• Metasploit is an exploitation framework written in Ruby. It is designed to
make writing and executing exploits as simple as possible: the framework
supplies the networking, encoding and payload plumbing, so a module only
has to describe the vulnerability and how to trigger it.
• Capabilities include smart exploitation, password auditing, web
application scanning, and social engineering.
5. History of Metasploit
HD Moore began working on Metasploit in the early 2000s and released 1.0,
written in Perl, in 2003. The project has grown dramatically since then, from
the 11 exploits in the original release to more than 1,500, plus around 500
payloads, with a switch to Ruby under the hood along the way.
Security outfit Rapid7 acquired Metasploit in 2009, and Moore joined the
company with it. (Moore left the project in 2016.) Metasploit has since
become the de facto framework for exploit development, despite competition
from commercial tools such as Canvas and Core Impact. Today it is common
for vulnerability disclosures to include a Metasploit module as a proof of
concept.
6. Overview of Metasploit
1. Open source tool used for:
• Penetration testing
• IDS signature development
• Exploit research
2. Consists of:
• Console (msfconsole)
• Web interface (optional; supplied today by the Community and Pro editions)
• Modules: exploits, payloads, encoders, auxiliary and post-exploitation modules
3. Runs on Linux, Unix and macOS from source; Windows was originally
supported through Cygwin and now has native installers
4. Lets anyone exploit, and often gain "root" or SYSTEM on, a machine with
a known unpatched vulnerability given only its IP address and a basic
understanding of the target
5. Requires no knowledge of the underlying software bug or of the exploit's
machine code in order to run an existing module
7. How to use Metasploit?
• During the information gathering phase of a pen-test, Metasploit integrates
seamlessly with Nmap (db_nmap imports scan results straight into the
workspace database), SNMP scanning and Windows patch enumeration, among
others. There is even a bridge to Nessus, Tenable's vulnerability scanner.
Pretty much every reconnaissance tool you can think of integrates with
Metasploit, making it possible to find the chink in the armor you are looking for.
• Once you have identified a weakness, hunt through Metasploit's large and
extensible module database (the search command) for the exploit that will
crack open that chink and get you in. Check the module's target list and
version notes against what recon actually reported before firing it.
• Once on a target machine, Metasploit's quiver contains a full suite of
post-exploitation tools, including privilege escalation, pass the hash, packet
sniffing, screen capture, key-loggers, and pivoting tools.
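The recon-to-module step above, as an added example in Ruby (Metasploit's own language); this is not code from the Metasploit project. It does offline what db_nmap and search do together: parse an Nmap -sV XML report, keep the open ports, and match each service banner against a small hand-built module index. The XML report and the index are constructed for this example; the two module names in the index are real, widely known Metasploit modules, but the version patterns are this example's own rule of thumb, not the framework's matching logic. The Samba entry shows the usual failure mode: Nmap's "3.X - 4.X" banner is too vague to decide, so the module is flagged for manual verification instead of being declared ready.

```ruby
require 'rexml/document'

# Constructed sample: a trimmed Nmap -sV XML report for one host.
SAMPLE_NMAP_XML = <<~XML
  <?xml version="1.0"?>
  <nmaprun scanner="nmap" args="nmap -sV 192.0.2.10">
    <host>
      <address addr="192.0.2.10" addrtype="ipv4"/>
      <ports>
        <port protocol="tcp" portid="21">
          <state state="open"/>
          <service name="ftp" product="vsftpd" version="2.3.4"/>
        </port>
        <port protocol="tcp" portid="22">
          <state state="open"/>
          <service name="ssh" product="OpenSSH" version="4.7p1"/>
        </port>
        <port protocol="tcp" portid="139">
          <state state="open"/>
          <service name="netbios-ssn" product="Samba smbd" version="3.X - 4.X"/>
        </port>
        <port protocol="tcp" portid="8080">
          <state state="closed"/>
          <service name="http-proxy"/>
        </port>
      </ports>
    </host>
  </nmaprun>
XML

# Hand-constructed index (assumption: a real run would use `search` against
# the framework's module database). Module paths are real; the version
# regexes are this example's own approximation of each module's targets.
MODULE_INDEX = [
  { product: /vsftpd/i, version: /\A2\.3\.4\b/,    mod: 'exploit/unix/ftp/vsftpd_234_backdoor' },
  { product: /samba/i,  version: /\A3\.0\.2[0-5]/, mod: 'exploit/multi/samba/usermap_script' }
].freeze

# Parse the report and return one hash per OPEN port, like db_nmap's
# services table: host, port, service name, product and version banner.
def parse_open_services(xml)
  doc = REXML::Document.new(xml)
  services = []
  doc.elements.each('nmaprun/host') do |host|
    addr = host.elements['address'].attributes['addr']
    host.elements.each('ports/port') do |port|
      next unless port.elements['state'].attributes['state'] == 'open'
      svc = port.elements['service']
      services << {
        host: addr,
        port: port.attributes['portid'].to_i,
        name: svc ? svc.attributes['name'] : nil,
        product: svc ? svc.attributes['product'].to_s : '',
        version: svc ? svc.attributes['version'].to_s : ''
      }
    end
  end
  services
end

# Match banners against the index. :ready = product AND version matched;
# :verify = product matched but the version banner did not, so the tester
# must fingerprint further before selecting the module.
def match_modules(services, index = MODULE_INDEX)
  result = { ready: [], verify: [] }
  services.each do |svc|
    index.each do |entry|
      next unless svc[:product] =~ entry[:product]
      target = "#{svc[:host]}:#{svc[:port]}"
      if svc[:version] =~ entry[:version]
        result[:ready] << [entry[:mod], target]
      else
        result[:verify] << [entry[:mod], target]
      end
    end
  end
  result
end

if __FILE__ == $PROGRAM_NAME
  candidates = match_modules(parse_open_services(SAMPLE_NMAP_XML))
  candidates[:ready].each  { |m, t| puts "ready:  use #{m}  (RHOSTS #{t})" }
  candidates[:verify].each { |m, t| puts "verify: #{m} may apply to #{t}, confirm version first" }
end
```

The closed port 8080 is dropped at parse time, exactly as you would filter on state in the workspace; the vsftpd 2.3.4 banner is specific enough to pick a module directly, while the Samba banner only tells you which module family to investigate.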
8. How to learn Metasploit?
• Many free and cheap resources are available to learn Metasploit. The best
place to start for many is probably downloading and installing Kali Linux,
along with a vulnerable virtual machine (VM) for target practice.
• Offensive Security, the folks who maintain Kali and run the OSCP
certification, also offer Metasploit Unleashed, a free training course that
asks only for a donation to hungry children in Africa in return.
• The Metasploit project offers detailed documentation and its YouTube
channel is another good resource for the beginning penetration tester.
9. Where to get Metasploit?
• Metasploit ships as part of Kali Linux, but you can also download it separately at
the Metasploit website. Metasploit runs on *nix and Windows systems. The
Metasploit Framework source code is available on GitHub.
• Like Coca-Cola, Metasploit comes in different flavors. In addition to the free/
libre Metasploit Framework, Rapid7 also produces the Metasploit Community
Edition, a free web-based user interface for Metasploit, and Metasploit Pro, the
big daddy with the non-free add-ons for pen-testers who prefer a GUI or MS
Office-like wizards to perform baseline audits, and want to phish their clients as
part of an engagement. Rapid7 offers a feature comparison on its website.
10. What is penetration testing?
• Penetration testing, often called “pentesting”, “pen testing”, or “security
testing”, is the practice of attacking your own or your clients’ IT systems in the
same way a hacker would to identify security holes.
• The person carrying out a penetration test is called a penetration tester or
pentester.
• Penetration testing requires that you get permission from the person who
owns the system. Otherwise, you would be hacking the system, which is
illegal.
11. What is penetration testing?
You can become a penetration tester at home by testing your own server
and later make a career out of it.
To better understand penetration testing, you first need to understand the
basic security concepts of:
• Vulnerabilities
• Exploits
• Payloads
12. What is a vulnerability?
A vulnerability is a security hole in a piece of software, hardware or
operating system that provides a potential angle to attack the system. A
vulnerability can be as simple as weak passwords or as complex as buffer
overflows or SQL injection vulnerabilities.
Vulnerability scanning will allow you to quickly scan a target IP range
looking for known vulnerabilities, giving a penetration tester a quick idea of
what attacks might be worth conducting.
13. What is an exploit?
To take advantage of a vulnerability, you usually need an exploit: a small and
highly specialized program whose sole purpose is to trigger that specific
vulnerability and turn it into access to the computer system.
Exploits typically deliver a payload to the target system; the exploit gains
code execution, and the payload is what the attacker then runs with it.
The Metasploit Project hosts the world's largest public database of
quality-assured exploits, each packaged as a module that can be combined
with any compatible payload.
Even the name Metasploit comes from the term "exploit".
14. What is a Payload?
A payload is the code that runs on the target after an exploit succeeds. The
exploit opens the door; the payload is what walks through it. In Metasploit the
payload is chosen separately from the exploit and ranges from a simple command
shell to Meterpreter, which gives the tester an in-memory agent for
post-exploitation.
Metasploit payloads come in three forms: singles, which are self-contained;
stagers, a small first stage that only sets up a connection back to the
tester (for example reverse_tcp); and stages, the larger code that the stager
then downloads over that connection. A payload is not a virus: it does not
spread on its own and does only what the tester selected for the engagement.
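The stager/stage split described above, as an added example in Ruby; this is not Metasploit's own handler or stager code. It reproduces the framing a staged reverse_tcp payload uses: the stager connects back to the handler, reads a 4-byte little-endian length, then reads exactly that many bytes of stage. The "stage" here is an inert constructed byte string that is returned rather than executed, the handler runs in a thread on an ephemeral loopback port, and the function and constant names (frame_stage, parse_stage, run_handler, run_stager, staged_delivery, FAKE_STAGE) are this example's own. A truncated transfer is treated as an error rather than silently yielding a half stage.

```ruby
require 'socket'

# Constructed, inert stand-in for a real stage (Meterpreter, a shell, ...).
# Built as a binary string so byte counts are unambiguous; never executed.
FAKE_STAGE = ("STAGE:" + ("\x90" * 64) + "print 'stage running'").b

# Handler side: prefix the stage with its length as a 4-byte little-endian
# integer ('V' in pack), which is what the stager expects to read first.
def frame_stage(stage)
  [stage.bytesize].pack('V') + stage.b
end

# Pure (socket-free) parser of a framed stage; raises on a short header or a
# body shorter than the advertised length instead of returning partial code.
def parse_stage(framed)
  raise 'short header: fewer than 4 bytes' if framed.bytesize < 4
  len  = framed.byteslice(0, 4).unpack1('V')
  body = framed.byteslice(4, len) || ''.b
  if body.bytesize != len
    raise "truncated stage: expected #{len} bytes, got #{body.bytesize}"
  end
  body
end

# Handler: listen on an ephemeral loopback port, accept one connection,
# send the framed stage, close. Returns [port, thread] so the caller can
# point a stager at it and later join the thread.
def run_handler(stage)
  server = TCPServer.new('127.0.0.1', 0)
  port = server.addr[1]
  thread = Thread.new do
    client = server.accept
    client.write(frame_stage(stage))
    client.close
    server.close
  end
  [port, thread]
end

# Stager: connect back, read the length header, then read exactly that many
# bytes. A real stager would now jump into the stage; this one returns it.
def run_stager(port)
  sock = TCPSocket.new('127.0.0.1', port)
  header = sock.read(4)
  raise 'handler closed before sending a length header' if header.nil? || header.bytesize < 4
  len = header.unpack1('V')
  stage = sock.read(len) || ''.b
  sock.close
  raise "truncated stage: expected #{len} bytes, got #{stage.bytesize}" unless stage.bytesize == len
  stage
end

# Run both halves locally and return what the stager received.
def staged_delivery(stage)
  port, handler = run_handler(stage)
  received = run_stager(port)
  handler.join
  received
end

if __FILE__ == $PROGRAM_NAME
  got = staged_delivery(FAKE_STAGE)
  puts "stager received #{got.bytesize} bytes, matches: #{got == FAKE_STAGE}"
end
```

The point of the split is size: the stager is tiny enough to fit in the space an exploit can give it, and everything large arrives afterwards over the connection it opened. That is also why a handler (multi/handler in Metasploit) must be listening before the exploit fires, and why a firewall that blocks the reverse connection leaves the tester with a successful exploit and no session.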
15. Summary
Metasploit is very easy to use and very powerful, but keep its limits in mind:
• The web interface (Community and Pro editions) lets scans be run from any
system, on any operating system.
• Evidence may or may not be left behind on the target, so keep your own log
of every module you ran and when.
• IDS/IPS and endpoint products often detect the stock exploits and default
payloads, which is also why the framework is useful for IDS signature
development.
• Its exploits cover publicly known vulnerabilities, so it is rarely of use
against a fully patched target.