Getting Started with Metasploit
What Is Metasploit?
Metasploit is among the most widely used exploitation tools in the hacking/security field. It's used by both novices and advanced professionals. Insecure.Org, run by Fyodor, the founder of Nmap, annually surveys security professionals for their opinion on the top security software. Metasploit has consistently ranked among the top ten since its inception and currently ranks second. That should give you some idea of how important Metasploit is in the security community.
Metasploit is a self-described "framework" for cyber exploitation. As a framework, it eases the effort to exploit known vulnerabilities in networks, operating systems and applications, and to develop new exploits for new or unknown vulnerabilities. Last Thursday, Project Basecamp announced the development of a Stuxnet-like module for Metasploit.
Metasploit includes a payload, Meterpreter, that, when loaded into a target system, makes maintaining access and controlling the target much easier. As such, every self-respecting hacker (and even those without self-respect) should have some basic knowledge of Metasploit. This series of articles will initially focus on conferring at least a rudimentary understanding of how Metasploit works and how it can be utilized by the hacker/penetration tester to own the box, download data and cover your tracks.
First open a terminal window and type:
wget http://updates.metasploit.com/data/releases/framework-4.0.0-linux-full.run
If you're installing on a 64-bit build of Ubuntu, use this instead:
wget http://updates.metasploit.com/data/releases/framework-4.0.0-linux-x64-full.run
This downloads the current version of the Metasploit framework via Wget.
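Before you can run the installer, you need to make it executable. In the terminal, set the execute (x) bit on the installer (on a 64-bit build, substitute the x64 file name in this command and the next, since the pattern below does not match it):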
chmod +x framework-4.*-linux-full.run
Now run the installer with root privileges by typing sudo followed by ./ and the name of the package:
sudo ./framework-4.*-linux-full.run
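The installer above is fetched over plain HTTP and then run as root, so it is worth checking its digest before the chmod and sudo steps. The following is an added example, not part of the original article; the function name verify_installer and the EXPECTED_SHA256 value are assumptions, and the digest has to come from the vendor over a trusted channel.

```shell
# Added example, not from the original article.
# EXPECTED_SHA256 is a placeholder: the article publishes no digest, so obtain
# one from the vendor over a trusted channel before relying on this check.
#
# Usage:
#   verify_installer framework-4.0.0-linux-full.run "$EXPECTED_SHA256" \
#       && sudo ./framework-4.0.0-linux-full.run

# verify_installer FILE EXPECTED_SHA256
#   0  digest matches; FILE is made executable for the current user
#   1  digest mismatch; execute bits are cleared so FILE cannot be run by accident
#   2  bad input (missing file, symlink, malformed digest, no sha256sum output)
verify_installer() {
    file=$1
    # Accept upper- or lower-case hex by normalising to lower case.
    expected=$(printf '%s' "$2" | tr 'A-F' 'a-f')

    # Refuse symlinks and anything that is not a regular file.
    if [ -L "$file" ] || [ ! -f "$file" ]; then
        echo "verify_installer: $file is not a regular file" >&2
        return 2
    fi

    # A SHA-256 digest is exactly 64 hex characters.
    case $expected in
        ''|*[!0-9a-f]*) echo "verify_installer: malformed digest" >&2; return 2 ;;
    esac
    if [ "${#expected}" -ne 64 ]; then
        echo "verify_installer: digest must be 64 hex characters" >&2
        return 2
    fi

    # Hash via stdin so the file name never affects sha256sum's output format.
    actual=$(sha256sum < "$file" | cut -d' ' -f1)
    if [ "${#actual}" -ne 64 ]; then
        echo "verify_installer: could not compute SHA-256" >&2
        return 2
    fi

    if [ "$actual" != "$expected" ]; then
        echo "verify_installer: digest mismatch for $file" >&2
        chmod a-x -- "$file"
        return 1
    fi
    chmod u+x -- "$file"
}
```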
A few fun commands before we move on to the next section:
check
There aren’t many exploits that support it, but there is also a ‘check’ option that will check to see if a target is vulnerable to a particular exploit instead of actually exploiting it.
msf exploit(ms08_067_netapi) > show options
Module options (exploit/windows/smb/ms08_067_netapi):

   Name     Current Setting  Required  Description
   ----     ---------------  --------  -----------
   RHOST    172.16.194.134   yes       The target address
   RPORT    445              yes       Set the SMB service port
   SMBPIPE  BROWSER          yes       The pipe name to use (BROWSER, SRVSVC)

Exploit target:

   Id  Name
   --  ----
   0   Automatic Targeting

msf exploit(ms08_067_netapi) > check
[*] Verifying vulnerable status... (path: 0x0000005a)
[*] System is not vulnerable (status: 0x00000000)
[*] The target is not exploitable.
msf exploit(ms08_067_netapi) > show payloads