Hello my fellow noobs! We are going to start a tutorial series on Metasploit. So let's get straight to the shit without wasting any time.
What is Metasploit?
Metasploit is a penetration testing framework developed by HD Moore in 2003. It was originally written in Perl and was later completely rewritten in Ruby. Rapid7, a cyber security company, purchased it in 2009.
It comes in 6 different interfaces: Metasploit Framework Edition, Metasploit Community Edition, Metasploit Express, Metasploit Pro, Armitage, and Cobalt Strike. In this series we will cover material from Metasploit Community Edition. Community Edition comes preinstalled in all pentesting Linux distributions with many exploits, payloads, auxiliaries, modules, etc. In this article we will talk about how to start Metasploit, and especially for Windows users I'll explain how to install and use it on Windows.
Before the installation part, let's look at some basic terms used in Metasploit.
Exploit : An exploit is a piece of code which can be sent to a vulnerable service running on the target device to gain access to it.
Auxiliary : An auxiliary is a module of the Metasploit framework which allows you to conduct vulnerability scanning, fuzzing, port scanning, and other information gathering. Auxiliaries can make Metasploit work as an FTP, HTTP or SMTP client and do more cool things. The best part is that you can create your own Metasploit auxiliary.
Encoders : An encoder is a program, or in Metasploit terms a module, which encodes the original code of a payload or backdoor that you are going to send to the victim, so that anti-virus and firewall programs can't detect your malicious payload and you can get access to the victim's system like a boss xD. Encoders were originally used to escape bad characters/NULL characters in a CPU instruction string such as shellcode by means of logic and arithmetic operations like XOR, etc.
Payloads : A payload refers to a piece of code which accomplishes an action such as harvesting information from the targeted service or hijacking/hacking the targeted service/system.
Backdoor : A backdoor is a hidden entry to a device that bypasses security measures such as login protections, firewalls, and anti-viruses. Most hackers use backdoors to maintain access to their hacked systems/servers. In the Metasploit framework there are 3 different types of payload modules: Singles, Stagers, and Stages. These different types of modules are useful in different scenarios.
Post : A collection of post-exploitation modules in Metasploit which can be run on hacked target systems to gather evidence and much more.
Listener : Metasploit also has a listener, which listens for incoming requests. If a request comes from the system you have targeted and successfully exploited, the listener opens a reverse shell to it and creates a session.
Meterpreter : Meterpreter is an advanced payload which communicates over the stager socket and gives you a connection to the target system after exploitation.
Client Side Attacks : In client side attacks, the attacker needs user interaction to hack the victim or gain access to the machine, for example by running a spear phishing attack on them, making them use the attacker's app/software, or making them open an image or document embedded with a malicious payload, which triggers when they open the file sent by the attacker.
Server Side Attacks : In server side attacks, the attacker doesn't need user interaction to gain access to the servers/systems. The attacker exploits a vulnerable service on the server remotely and takes control of it.
Remote Exploitation : In remote exploitation, the attacker doesn't need any interaction with the victim user and doesn't need physical access to the target system. The attacker gains access to the targeted system/server by exploiting vulnerabilities on the target.
NOP : NOP stands for No Operation. NOP is used to break the current execution cycle of assembly code running on the target. Basically, it gives instructions to the executed command/exploit/payload to break down or stop its execution on the machine.
Metasploit can be used in web application attacks too, as it comes with many web application exploits preloaded, and you can also load more from Exploit-DB.
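The bad-character use of XOR mentioned under Encoders, shown as an added Ruby example that is not from the original article or from Metasploit's own code. It uses a constructed, harmless byte string and an assumed bad-character set, and it also shows that a single-byte XOR is undone by simply trying all 255 keys, which is how an analyst recovers the original bytes.

```ruby
# Added illustration. SAMPLE is constructed, harmless data (not shellcode).
SAMPLE = "GET /index\x00\x00HTTP\x0a".b   # constructed buffer containing NUL and LF
BAD    = [0x00, 0x0a, 0x0d].freeze        # assumed "bad character" set for this example

# XOR every byte with a one-byte key. Applying the same key twice restores the input.
def xor_bytes(data, key)
  data.bytes.map { |b| b ^ key }.pack("C*")
end

# Keys (1..255) whose encoded output contains none of the bad bytes.
def clean_keys(data, bad)
  (1..255).select { |k| (xor_bytes(data, k).bytes & bad).empty? }
end

# Analyst's view: try every key and keep those whose decoding
# contains a marker expected in the original data.
def recover_keys(encoded, marker)
  (1..255).select { |k| xor_bytes(encoded, k).include?(marker.b) }
end

if __FILE__ == $0
  key     = 0x41
  encoded = xor_bytes(SAMPLE, key)
  puts "bad bytes before: #{(SAMPLE.bytes & BAD).inspect}"
  puts "bad bytes after : #{(encoded.bytes & BAD).inspect}"
  puts "usable keys     : #{clean_keys(SAMPLE, BAD).size} of 255"
  puts "keys recovered by brute force: #{recover_keys(encoded, 'HTTP').inspect}"
end
```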
Well guys, that's all for now. We will learn how to install Metasploit in the next article before we start learning the real stuff.
For now you can read more about Exploits, Payloads and Vulnerabilities. Thanks for supporting.
Keep Learning! Keep Hacking!