Open navigation menu

Scribd

100% found this document useful (1 vote)

591 views

Metasploit - Tutorial Part.1

This document provides an overview of the Metasploit framework and covers basic information gathering, vulnerability scanning, and exploitation techniques using Metasploit. It explains key terminology like vulnerabilities and exploits. It demonstrates how to use Nmap and Nessus with Metasploit to scan for vulnerabilities and shows an example of exploiting the Microsoft RPC DCOM vulnerability to add a new user to a vulnerable Windows system. The tutorial is intended to help readers learn the basics of using Metasploit.

Uploaded by

Copyright

© Attribution Non-Commercial (BY-NC)

Available Formats

Download as PDF, TXT or read online on Scribd

100% found this document useful (1 vote)

591 views

Metasploit - Tutorial Part.1

This document provides an overview of the Metasploit framework and covers basic information gathering, vulnerability scanning, and exploitation techniques using Metasploit. It explains key terminology like vulnerabilities and exploits. It demonstrates how to use Nmap and Nessus with Metasploit to scan for vulnerabilities and shows an example of exploiting the Microsoft RPC DCOM vulnerability to add a new user to a vulnerable Windows system. The tutorial is intended to help readers learn the basics of using Metasploit.

Uploaded by

Copyright

© Attribution Non-Commercial (BY-NC)

Available Formats

Download as PDF, TXT or read online on Scribd

You are on page 1/ 7

P a g e |1

Metasploit tutorial part 1: Inside the Metasploit framework

Karthik R, Contributor

You can read the original story here, on SearchSecurity.in. The Metasploit Framework (Msf) is a free, open source penetration testing solution developed by the open source community and Rapid7. This Metasploit tutorial covers the basic structure of Metasploit and different techniques of information gathering and vulnerability scans using this tool. Metasploit eliminates the need for writing of individual exploits, thus saving considerable time and effort. The use of Metasploit ranges from defending your own systems by breaking into them, to learning about vulnerabilities that pose a real risk. Download Metasploit from http://www.metasploit.com to maximize the learning from this metasploit tutorial.

Figure 1. Metasploit architecture (Courtesy Rapid7)

http://searchsecurity.techtarget.in/tip/Metasploit-tutorial-part-1-Inside-the-Metasploit-framework

P a g e |2

Useful terminology: Vulnerability: A weakness in the target system, through which penetration can successfully occur. Exploit: Once a vulnerability is known, an attacker takes advantage of it, and breaks into the system using a code/script known as an exploit. Payload: This is a set of tasks initiated by the attacker subsequent to an exploit, in order to maintain access to the compromised system.

After installation, it is easy to figure out the file system and libraries, as the naming convention used is self-explanatory and intuitive. Metasploit is based on scripting language, so the script folder contains meterpreter and other scripts required by the framework. Metasploit offers a GUI version, as well as a command line version. All features are accessible via the command line utility, but some users might prefer the GUI. Getting started To kick off this Metasploit tutorial, let us skim through basic footprinting and vulnerability scanning using this tool, before getting into basic exploitation.

Metasploit has good provisions for information gathering and vulnerability scanning, due to its integration with the dradis framework and configuration with various database drivers such as mysql, sqlite and postgresql. This is detailed in Figure 2.

Figure 2. Database configuration in MSF3 console on Backtrack4

http://searchsecurity.techtarget.in/tip/Metasploit-tutorial-part-1-Inside-the-Metasploit-framework

P a g e |3

Figure 3. Using Nmap within Msf console, in Backtrack4

The Nmap command can be used to perform service scans and information gathering using Msf3 as shown in Figure 3. Nmap can be replaced with the db_nmap command in order to connect to the database and store the information. Next in this Metasploit tutorial comes vulnerability assessment, using the bridge between Nessus and Msf3 in Backtrack. For a new scan with Nessus, use the nessus_scan_new command in the console. Before doing this, as seen in Figure 4, nessus_connect is used to connect to the nessus server running, once the credentials have been saved post-setup.

http://searchsecurity.techtarget.in/tip/Metasploit-tutorial-part-1-Inside-the-Metasploit-framework

P a g e |4

Figure 4. Using Nessus bridge with Metasploit, in Backtrack4

The next step in this Metasploit tutorial gets into actual exploitations using Metasploit. Let us attempt to exploit a system on Windows XP with RPC DCOM vulnerability with an attacker system running Metasploit. The lab setup includes a Windows XP attacker system with Metasploit framework installed and a Windows XP vulnerable system, both on VMware. The command search dcom seen on the console will list out all the exploits available with pattern dcom. We are interested in the result displayed as Microsoft RPC DCOM Interface overflow. Next, in the console type >> use windows/dcerpc/ms03_026_dcom followed by >> show options

Figure 5: Metasploit console

http://searchsecurity.techtarget.in/tip/Metasploit-tutorial-part-1-Inside-the-Metasploit-framework

P a g e |5

Figure 6. Options available in the RPC DCOM exploit

Then use the following command to set the target as well as the payload. >> set RHOST 192.168.1.2

Figure 7. Console after setting payload, showing the required module and payload details

http://searchsecurity.techtarget.in/tip/Metasploit-tutorial-part-1-Inside-the-Metasploit-framework

P a g e |6

This sets up our target systems IP address where we would like to perform t his attack. The next command is: >>set PAYLOAD windows/adduser

Figure 8.Executing the exploit

This payload adds a new user account to a Windows machine vulnerable to this exploit. This Metasploit tutorial shows only one payload in action here; you can try out various other payloads available here. In console the type>> exploit

Figure 9. A new user metasploit is created

http://searchsecurity.techtarget.in/tip/Metasploit-tutorial-part-1-Inside-the-Metasploit-framework

P a g e |7

No session is created in this exploit; only a new user is added to the target system. The target system has not had a remote crash, because the exploits here are tested to ensure that no crash occurs. Now, check if the new user metasploit is created in the target system. In the first part of this Metasploit tutorial, the above exploit is applicable during that phase of pen testing when a user needs to be created to gain access to the target system and escalate privileges.

Authors note: This Metasploit tutorial series starts from the basics and gradually moves on to advanced topics such as evading antivirus software with the Metasploit Framework. The information herein draws from Metasploit Unleashed (http://www.offensive-security.com) and select video clips from Vivek Ramachandra, the founder of SecurityTube. About the author: Karthik R is a member of the NULL community. Karthik completed his training for EC-council CEH in December 2010, and is at present pursuing his final year of B.Tech in Information Technology, from National Institute of Technology, Surathkal. Karthik can be contacted on rkarthik.poojary@gmail.com. He blogs at http://www.epsilonlambda.wordpress.co You can subscribe to our twitter feed at @SearchSecIN. You can read the
original story here, on SearchSecurity.in.

http://searchsecurity.techtarget.in/tip/Metasploit-tutorial-part-1-Inside-the-Metasploit-framework

You might also like

AndroGoat Application Vulnerability Assessment
No ratings yet
AndroGoat Application Vulnerability Assessment
14 pages
25 Best Kali Linux Tools
No ratings yet
25 Best Kali Linux Tools
19 pages
Ethical Hacking With Kali Linux
100% (1)
Ethical Hacking With Kali Linux
4 pages
Password Cracker
100% (2)
Password Cracker
2 pages
Metasploit Commands
No ratings yet
Metasploit Commands
18 pages
Ettercap
No ratings yet
Ettercap
25 pages
Metasploit Meterpreter Webcam - List Webcam - Snap Record - Mic - Eric Romang Blog
No ratings yet
Metasploit Meterpreter Webcam - List Webcam - Snap Record - Mic - Eric Romang Blog
6 pages
Email Phishing 01
No ratings yet
Email Phishing 01
72 pages
Packet Sniffing and Spoofing Lab
No ratings yet
Packet Sniffing and Spoofing Lab
12 pages
Metasploit: Metasploit Is An Exploitation Framework
No ratings yet
Metasploit: Metasploit Is An Exploitation Framework
4 pages
Armitage Manual
0% (1)
Armitage Manual
17 pages
Metasploit - Tutorial Part.2
No ratings yet
Metasploit - Tutorial Part.2
6 pages
Using Metasploit For Real
100% (1)
Using Metasploit For Real
6 pages
Use of Metasploit Framework in Kali Linux: April 2015
100% (1)
Use of Metasploit Framework in Kali Linux: April 2015
9 pages
Android Penetration Testing
No ratings yet
Android Penetration Testing
32 pages
Lab 6 - MITM With Ettercap - ARP Poisoning
No ratings yet
Lab 6 - MITM With Ettercap - ARP Poisoning
1 page
Payloads
100% (1)
Payloads
12 pages
VulnVoIP (Vulnerable VoIP) Solutions
No ratings yet
VulnVoIP (Vulnerable VoIP) Solutions
10 pages
Tutorial To Setup A Metasploitable and Kali Linux
No ratings yet
Tutorial To Setup A Metasploitable and Kali Linux
9 pages
Packet Sniffers
No ratings yet
Packet Sniffers
42 pages
Termux The Hacker Inside You
No ratings yet
Termux The Hacker Inside You
16 pages
Languages For Hacking
No ratings yet
Languages For Hacking
7 pages
Comprehensive Guide On Cupp - A Wordlist Generating Tool
No ratings yet
Comprehensive Guide On Cupp - A Wordlist Generating Tool
12 pages
Lab 4a-Securing Passwords-Secknitkit
No ratings yet
Lab 4a-Securing Passwords-Secknitkit
8 pages
01 Burp Suite Dashboard
No ratings yet
01 Burp Suite Dashboard
11 pages
Termux Commands List PDF
No ratings yet
Termux Commands List PDF
2 pages
Install Mono and MSBuild Inside Termux
No ratings yet
Install Mono and MSBuild Inside Termux
2 pages
Abusing SUDO (Linux Privilege Escalation)
100% (3)
Abusing SUDO (Linux Privilege Escalation)
5 pages
Aero HackTheBox Solution
No ratings yet
Aero HackTheBox Solution
14 pages
Sqlmap
No ratings yet
Sqlmap
1 page
Burp Intro 2023 Mini
No ratings yet
Burp Intro 2023 Mini
24 pages
John The Ripper (New)
No ratings yet
John The Ripper (New)
13 pages
Linux: Setup A Transparent Proxy With Squid in Three Easy Steps
No ratings yet
Linux: Setup A Transparent Proxy With Squid in Three Easy Steps
11 pages
05 - Password Cracking & Gaining Remote Access - OphCrack and Armitage - Tested
No ratings yet
05 - Password Cracking & Gaining Remote Access - OphCrack and Armitage - Tested
11 pages
The Fat Rat
0% (1)
The Fat Rat
5 pages
Weaponized XSS Workshop
No ratings yet
Weaponized XSS Workshop
54 pages
Bug Hunting earn money
No ratings yet
Bug Hunting earn money
4 pages
Script Track IP Termux
No ratings yet
Script Track IP Termux
5 pages
Installing Aircrack-Ng From Source
No ratings yet
Installing Aircrack-Ng From Source
10 pages
Android Hacking Using Msfvenom
No ratings yet
Android Hacking Using Msfvenom
1 page
Ethical Hacking
No ratings yet
Ethical Hacking
19 pages
Armitage
No ratings yet
Armitage
28 pages
Command Execution - DVWA: Penetration Testing Lab
0% (1)
Command Execution - DVWA: Penetration Testing Lab
8 pages
Advance Burp Suite Training
No ratings yet
Advance Burp Suite Training
33 pages
Termux Guide
No ratings yet
Termux Guide
11 pages
Chandan R K 18CS3K1042 BSC Csme
No ratings yet
Chandan R K 18CS3K1042 BSC Csme
11 pages
Linux For Pentester
No ratings yet
Linux For Pentester
48 pages
BurpSuite PDF
100% (1)
BurpSuite PDF
24 pages
John The Ripper
No ratings yet
John The Ripper
33 pages
Lab 8 - Gaining Access of Metasploitable Machine Using Metasploit Framework
No ratings yet
Lab 8 - Gaining Access of Metasploitable Machine Using Metasploit Framework
1 page
TheHarvester Cheat Sheet
No ratings yet
TheHarvester Cheat Sheet
1 page
How To Use Ettercap - KaliTut
No ratings yet
How To Use Ettercap - KaliTut
21 pages
Ethical Hacking Using Kali Linux
No ratings yet
Ethical Hacking Using Kali Linux
10 pages
The Art of Penetration Testing a Practical Guide
50% (2)
The Art of Penetration Testing a Practical Guide
221 pages
Metasploit
No ratings yet
Metasploit
26 pages
Exploit Labs Short
No ratings yet
Exploit Labs Short
17 pages
PRoot - Termux Wiki
No ratings yet
PRoot - Termux Wiki
2 pages
2 - Footprinting and Reconnaissance PDF
100% (1)
2 - Footprinting and Reconnaissance PDF
45 pages
Certified Ethical Hacker C.E.H v11 Exam Prep And Dumps
From Everand
Certified Ethical Hacker C.E.H v11 Exam Prep And Dumps
Byte Books
No ratings yet
HACKING WITH KALI LINUX: A Practical Guide to Ethical Hacking and Penetration Testing (2024 Novice Crash Course)
From Everand
HACKING WITH KALI LINUX: A Practical Guide to Ethical Hacking and Penetration Testing (2024 Novice Crash Course)
FLETCHER TATE
No ratings yet
3D Bioprinting From Benches To Translational Applications
No ratings yet
3D Bioprinting From Benches To Translational Applications
47 pages
Intended Learning Outcome: Life Performance Outcome (LPO)
No ratings yet
Intended Learning Outcome: Life Performance Outcome (LPO)
6 pages
Mithun cv-2
No ratings yet
Mithun cv-2
2 pages
Tea Format
No ratings yet
Tea Format
12 pages
MS Azure Data Factory Lab Overview
No ratings yet
MS Azure Data Factory Lab Overview
58 pages
Musuko Ga Kawaikute Shikataganai Mazoku No Hahaoya Vol.9 Chapter 200 Successor - Manganelo
No ratings yet
Musuko Ga Kawaikute Shikataganai Mazoku No Hahaoya Vol.9 Chapter 200 Successor - Manganelo
1 page
Brief Exercises BE2 - 1: No. Account (A) Debit Effect (B) Credit Effect (C) Normal Balance
83% (6)
Brief Exercises BE2 - 1: No. Account (A) Debit Effect (B) Credit Effect (C) Normal Balance
6 pages
Inf Sta3
No ratings yet
Inf Sta3
15 pages
Becker AR 4201 Manual
No ratings yet
Becker AR 4201 Manual
49 pages
2751369-206 - Rev B
No ratings yet
2751369-206 - Rev B
1 page
The Big Test Julie Danneberg download
100% (1)
The Big Test Julie Danneberg download
24 pages
Betahistine Hydrochloride
No ratings yet
Betahistine Hydrochloride
3 pages
Help Children Be Grateful Pray-Ers: November
No ratings yet
Help Children Be Grateful Pray-Ers: November
4 pages
Task Assignment - Week 18. Ingles 2
No ratings yet
Task Assignment - Week 18. Ingles 2
6 pages
WWW - Yoquieroaprobar.es: Elementary Test - 1
100% (1)
WWW - Yoquieroaprobar.es: Elementary Test - 1
30 pages
SS3 Mathematics E-Note
No ratings yet
SS3 Mathematics E-Note
125 pages
Security Assessment Findings Report
No ratings yet
Security Assessment Findings Report
11 pages
Practice Question 1 P&A (Q&A)
No ratings yet
Practice Question 1 P&A (Q&A)
2 pages
DG211B/212B: Vishay Siliconix
No ratings yet
DG211B/212B: Vishay Siliconix
9 pages
List Salsa 6500 Albums
No ratings yet
List Salsa 6500 Albums
163 pages
Arcane Tradition: Arcane Archer
No ratings yet
Arcane Tradition: Arcane Archer
3 pages
Present Simple or Present Continuous 2018
No ratings yet
Present Simple or Present Continuous 2018
1 page
Finals MS Powerpoint SGN
No ratings yet
Finals MS Powerpoint SGN
18 pages
Classification of Articulators: Awni Rihani, D.D.S., M.Sc.
No ratings yet
Classification of Articulators: Awni Rihani, D.D.S., M.Sc.
4 pages
Advantages and Disadvantages of Technology
No ratings yet
Advantages and Disadvantages of Technology
1 page
Hero - Honda Data
No ratings yet
Hero - Honda Data
9 pages
FS5 Field Study Learning Episode: The K To 12 Grading System
No ratings yet
FS5 Field Study Learning Episode: The K To 12 Grading System
9 pages
Almeida Theatre Production of Homecoming by Pinter
No ratings yet
Almeida Theatre Production of Homecoming by Pinter
34 pages
Oracle EBS R12 Setup Notes
100% (1)
Oracle EBS R12 Setup Notes
25 pages
Kenneth Foner - Getting A Quick Fix On Comonads
No ratings yet
Kenneth Foner - Getting A Quick Fix On Comonads
12 pages

AndroGoat Application Vulnerability Assessment
AndroGoat Application Vulnerability Assessment
25 Best Kali Linux Tools
25 Best Kali Linux Tools
Ethical Hacking With Kali Linux
Ethical Hacking With Kali Linux
Password Cracker
Password Cracker
Metasploit Commands
Metasploit Commands
Ettercap
Ettercap
Metasploit Meterpreter Webcam - List Webcam - Snap Record - Mic - Eric Romang Blog
Metasploit Meterpreter Webcam - List Webcam - Snap Record - Mic - Eric Romang Blog
Email Phishing 01
Email Phishing 01
Packet Sniffing and Spoofing Lab
Packet Sniffing and Spoofing Lab
Metasploit: Metasploit Is An Exploitation Framework
Metasploit: Metasploit Is An Exploitation Framework
Armitage Manual
Armitage Manual
Metasploit - Tutorial Part.2
Metasploit - Tutorial Part.2
Using Metasploit For Real
Using Metasploit For Real
Use of Metasploit Framework in Kali Linux: April 2015
Use of Metasploit Framework in Kali Linux: April 2015
Android Penetration Testing
Android Penetration Testing
Lab 6 - MITM With Ettercap - ARP Poisoning
Lab 6 - MITM With Ettercap - ARP Poisoning
Payloads
Payloads
VulnVoIP (Vulnerable VoIP) Solutions
VulnVoIP (Vulnerable VoIP) Solutions
Tutorial To Setup A Metasploitable and Kali Linux
Tutorial To Setup A Metasploitable and Kali Linux
Packet Sniffers
Packet Sniffers
Termux The Hacker Inside You
Termux The Hacker Inside You
Languages For Hacking
Languages For Hacking
Comprehensive Guide On Cupp - A Wordlist Generating Tool
Comprehensive Guide On Cupp - A Wordlist Generating Tool
Lab 4a-Securing Passwords-Secknitkit
Lab 4a-Securing Passwords-Secknitkit
01 Burp Suite Dashboard
01 Burp Suite Dashboard
Termux Commands List PDF
Termux Commands List PDF
Install Mono and MSBuild Inside Termux
Install Mono and MSBuild Inside Termux
Abusing SUDO (Linux Privilege Escalation)
Abusing SUDO (Linux Privilege Escalation)
Aero HackTheBox Solution
Aero HackTheBox Solution
Sqlmap
Sqlmap
Burp Intro 2023 Mini
Burp Intro 2023 Mini
John The Ripper (New)
John The Ripper (New)
Linux: Setup A Transparent Proxy With Squid in Three Easy Steps
Linux: Setup A Transparent Proxy With Squid in Three Easy Steps
05 - Password Cracking & Gaining Remote Access - OphCrack and Armitage - Tested
05 - Password Cracking & Gaining Remote Access - OphCrack and Armitage - Tested
The Fat Rat
The Fat Rat
Weaponized XSS Workshop
Weaponized XSS Workshop
Bug Hunting earn money
Bug Hunting earn money
Script Track IP Termux
Script Track IP Termux
Installing Aircrack-Ng From Source
Installing Aircrack-Ng From Source
Android Hacking Using Msfvenom
Android Hacking Using Msfvenom
Ethical Hacking
Ethical Hacking
Armitage
Armitage
Command Execution - DVWA: Penetration Testing Lab
Command Execution - DVWA: Penetration Testing Lab
Advance Burp Suite Training
Advance Burp Suite Training
Termux Guide
Termux Guide
Chandan R K 18CS3K1042 BSC Csme
Chandan R K 18CS3K1042 BSC Csme
Linux For Pentester
Linux For Pentester
BurpSuite PDF
BurpSuite PDF
John The Ripper
John The Ripper
Lab 8 - Gaining Access of Metasploitable Machine Using Metasploit Framework
Lab 8 - Gaining Access of Metasploitable Machine Using Metasploit Framework
TheHarvester Cheat Sheet
TheHarvester Cheat Sheet
How To Use Ettercap - KaliTut
How To Use Ettercap - KaliTut
Ethical Hacking Using Kali Linux
Ethical Hacking Using Kali Linux
The Art of Penetration Testing a Practical Guide
The Art of Penetration Testing a Practical Guide
Metasploit
Metasploit
Exploit Labs Short
Exploit Labs Short
PRoot - Termux Wiki
PRoot - Termux Wiki
2 - Footprinting and Reconnaissance PDF
2 - Footprinting and Reconnaissance PDF
Certified Ethical Hacker C.E.H v11 Exam Prep And Dumps
From Everand
Certified Ethical Hacker C.E.H v11 Exam Prep And Dumps
HACKING WITH KALI LINUX: A Practical Guide to Ethical Hacking and Penetration Testing (2024 Novice Crash Course)
From Everand
HACKING WITH KALI LINUX: A Practical Guide to Ethical Hacking and Penetration Testing (2024 Novice Crash Course)
3D Bioprinting From Benches To Translational Applications
3D Bioprinting From Benches To Translational Applications
Intended Learning Outcome: Life Performance Outcome (LPO)
Intended Learning Outcome: Life Performance Outcome (LPO)
Mithun cv-2
Mithun cv-2
Tea Format
Tea Format
MS Azure Data Factory Lab Overview
MS Azure Data Factory Lab Overview
Musuko Ga Kawaikute Shikataganai Mazoku No Hahaoya Vol.9 Chapter 200 Successor - Manganelo
Musuko Ga Kawaikute Shikataganai Mazoku No Hahaoya Vol.9 Chapter 200 Successor - Manganelo
Brief Exercises BE2 - 1: No. Account (A) Debit Effect (B) Credit Effect (C) Normal Balance
Brief Exercises BE2 - 1: No. Account (A) Debit Effect (B) Credit Effect (C) Normal Balance
Inf Sta3
Inf Sta3
Becker AR 4201 Manual
Becker AR 4201 Manual
2751369-206 - Rev B
2751369-206 - Rev B
The Big Test Julie Danneberg download
The Big Test Julie Danneberg download
Betahistine Hydrochloride
Betahistine Hydrochloride
Help Children Be Grateful Pray-Ers: November
Help Children Be Grateful Pray-Ers: November
Task Assignment - Week 18. Ingles 2
Task Assignment - Week 18. Ingles 2
WWW - Yoquieroaprobar.es: Elementary Test - 1
WWW - Yoquieroaprobar.es: Elementary Test - 1
SS3 Mathematics E-Note
SS3 Mathematics E-Note
Security Assessment Findings Report
Security Assessment Findings Report
Practice Question 1 P&A (Q&A)
Practice Question 1 P&A (Q&A)
DG211B/212B: Vishay Siliconix
DG211B/212B: Vishay Siliconix
List Salsa 6500 Albums
List Salsa 6500 Albums
Arcane Tradition: Arcane Archer
Arcane Tradition: Arcane Archer
Present Simple or Present Continuous 2018
Present Simple or Present Continuous 2018
Finals MS Powerpoint SGN
Finals MS Powerpoint SGN
Classification of Articulators: Awni Rihani, D.D.S., M.Sc.
Classification of Articulators: Awni Rihani, D.D.S., M.Sc.
Advantages and Disadvantages of Technology
Advantages and Disadvantages of Technology
Hero - Honda Data
Hero - Honda Data
FS5 Field Study Learning Episode: The K To 12 Grading System
FS5 Field Study Learning Episode: The K To 12 Grading System
Almeida Theatre Production of Homecoming by Pinter
Almeida Theatre Production of Homecoming by Pinter
Oracle EBS R12 Setup Notes
Oracle EBS R12 Setup Notes
Kenneth Foner - Getting A Quick Fix On Comonads
Kenneth Foner - Getting A Quick Fix On Comonads