Metasploit Framework

Introduction

Whenever we say "Penetration Testing tool", the first thing that comes to mind is the world's largest Ruby project, with over 700,000 lines of code: 'Metasploit'. You might have seen it in many cyber movies, where a person sits at a computer, types at god speed and within seconds hacks into systems or networks. Metasploit is the tool that does this in reality.



The Metasploit Framework is a program and a sub-project developed by Metasploit LLC. It was initially created in 2003 in the Perl programming language, but was later completely re-written in the Ruby programming language. With the most recent release, Metasploit has taken exploit testing and simulation to a whole new level, letting exploit code be developed and run faster and with greater impact than before.


Working with Metasploit

The Metasploit framework has three work environments: the msfconsole, the msfcli interface and the msfweb interface. However, the primary and most preferred work area is 'msfconsole'. It is an efficient and powerful command-line interface with its own command set and environment system.

Understanding some basic command lines of msfconsole

Below are the commands you will use the most. Their outputs are illustrated later, while using them to exploit the target.

search <keyword>: Typing the command 'search' along with a keyword lists the exploits whose name or description matches that keyword.

show exploits: Typing the command 'show exploits' lists the currently available exploits. There are remote exploits for various platforms and applications, including Windows, Linux, IIS, Apache and so on, which help to test the flexibility and understand the working of Metasploit.

show payloads: With the same 'show' command we can also list the available payloads: 'show payloads'.

show options: Typing the command 'show options' shows the options you have set, and possibly ones you have forgotten to set. Each exploit and payload comes with its own options that you can set.

info <type> <name>: If you want specific information on an exploit or payload, use the 'info' command. Say we want complete info on the payload 'winbind': we would use 'info payload winbind'.

use <exploit_name>: This command tells Metasploit to use the exploit with the specified name.

set RHOST <hostname_or_ip>: This command will instruct Metasploit to target the specified remote host.

set RPORT <host_port>: This command sets the port that Metasploit will connect to on the remote host.

set PAYLOAD <generic/shell_bind_tcp>: This command sets the payload to a generic one that gives you a shell once the service is exploited.

set LPORT <local_port>: This command sets the port number that the payload will open on the server when an exploit succeeds. It is important that this port can actually be opened on the server (i.e. it is not in use by another service and not reserved for administrative use), so set it to a random 4-digit number greater than 1024 and you should be fine. You will also have to change the number each time you successfully exploit a service.

exploit: Actually exploits the service. Another version of exploit, rexploit, reloads your exploit code and then executes the exploit. This allows you to try minor changes to your exploit code without restarting the console.

help: The 'help' command gives basic information on all the commands, including those not listed here.

Pen Testing using Metasploit


Our aim is to gain remote access to the given target machine, Metasploitable. Metasploitable is a deliberately vulnerable Linux virtual machine that ships with many pre-installed vulnerabilities.


STEP 1

Run an NMAP scan against the remote server 192.168.43.92.
The NMAP output shows the open ports, which are the candidates for exploiting the remote target.
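Reading the scan by eye works for one host, but a defender inventorying a lab network wants the same information as data. The following added example (not code from the original post, nor from Metasploit or Nmap) parses Nmap's grepable (-oG) output format and flags open services that appear on a watch list. The scan text is constructed to resemble what the host in this walkthrough would report; the watch-list entries and their remediation notes are assumptions of this example, with the vsftpd entry matching the module used later in the post.

```python
import re
from typing import Dict, List, Tuple

# Constructed sample of nmap grepable (-oG) output for the walkthrough host.
# Only a few services are shown; this is not real scan output.
SAMPLE_NMAP_GREPABLE = """\
# Nmap 7.94 scan initiated as: nmap -sV -oG - 192.168.43.92
Host: 192.168.43.92 ()\tStatus: Up
Host: 192.168.43.92 ()\tPorts: 21/open/tcp//ftp//vsftpd 2.3.4/, 22/open/tcp//ssh//OpenSSH 4.7p1 Debian 8ubuntu1 (protocol 2.0)/, 23/open/tcp//telnet//Linux telnetd/\tIgnored State: closed (997)
# Nmap done -- 1 IP address (1 host up) scanned
"""

# Field order of one entry in a grepable "Ports:" list:
# port/state/protocol/owner/service/rpc-info/version/
PORT_ENTRY_FIELDS = ("port", "state", "proto", "owner", "service", "rpc", "version")

# Assumed watch list: (service, version prefix) -> remediation note.
# An empty version prefix matches every version of that service.
WATCH_LIST = {
    ("ftp", "vsftpd 2.3.4"): "backdoored release; upgrade vsftpd",
    ("telnet", ""): "cleartext protocol; disable it and use SSH",
}


def parse_grepable(text: str) -> List[Dict[str, object]]:
    """Return one record per port entry found on the 'Ports:' lines."""
    records: List[Dict[str, object]] = []
    for line in text.splitlines():
        if not line.startswith("Host:"):
            continue
        host = line.split()[1]
        match = re.search(r"\tPorts: (.*?)(?:\t|$)", line)
        if not match:
            continue  # e.g. the "Status: Up" line carries no port list
        for entry in match.group(1).split(", "):
            fields = entry.split("/")
            if len(fields) < len(PORT_ENTRY_FIELDS):
                continue  # malformed entry; skip rather than guess
            record: Dict[str, object] = dict(zip(PORT_ENTRY_FIELDS, fields))
            record["host"] = host
            record["port"] = int(fields[0])
            records.append(record)
    return records


def open_ports(records: List[Dict[str, object]]) -> List[int]:
    """Sorted list of ports nmap reported as open."""
    return sorted({r["port"] for r in records if r["state"] == "open"})


def flag_for_remediation(records: List[Dict[str, object]]) -> List[Tuple[str, int, str, str]]:
    """(host, port, version, note) for every open service on the watch list."""
    findings = []
    for r in records:
        if r["state"] != "open":
            continue
        for (service, version_prefix), note in WATCH_LIST.items():
            if r["service"] == service and str(r["version"]).startswith(version_prefix):
                findings.append((str(r["host"]), r["port"], str(r["version"]), note))
    return findings


if __name__ == "__main__":
    recs = parse_grepable(SAMPLE_NMAP_GREPABLE)
    print("open ports:", open_ports(recs))
    for host, port, version, note in flag_for_remediation(recs):
        print(f"{host}:{port} {version!r}: {note}")
```

Feeding it a real scan is a matter of running nmap -sV -oG - <host> and passing the output to parse_grepable; the watch list is where a team records which versions it has already decided must not stay exposed, so the same scan that an attacker reads for targets becomes a patch list for the owner.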





STEP 2

Open a terminal in Linux and start msfconsole with the command 'msfconsole'.
Then comes the coolest ever command line interface... METASPLOIT!!






STEP 3

Then we look for exploits matching the open ports found in the NMAP results, using the command "show exploits" in msf.





STEP 4

After choosing the exploit, we select it in msfconsole with the command "use exploit_name". This command activates our exploit.




Here we can see that after selecting the exploit, the prompt has changed from "msf>" to "msf exploit(unix/ftp/vsftpd_234_backdoor)>", which indicates that the exploit has been activated.


STEP 5

Now we need to configure the exploit for our current conditions.
The "show options" command displays the parameters required to launch the exploit.
In this case RPORT is already set to 21 and the remaining option, RHOST, is set with the "set rhost" command.
So we set RHOST to 192.168.43.92 using the command "set rhost 192.168.43.92".






STEP 6

The last step is to set up the payload for the exploit. We can view all the available payloads with the command "show payloads".





In our scenario we are using the available payload "cmd/unix/interact".
Using the command "set payload cmd/unix/interact", we select that payload.
Now we confirm that the parameters already set are correct and proceed to the next step.


STEP 7 

Now we run the exploit against the target with the command "exploit", which launches the attack.






And... Voila!!!!

We got the remote access!!

Now, using the "help" command, we can see all the commands available in this remote session for performing the desired actions.

SUMMARY

We have used the Metasploit framework and successfully gained remote access to the Metasploitable virtual machine.




-By Omkar Thipparthi
