Introduction

• Metasploit is a widely used exploitation framework.
• It is a powerful tool that can support all phases of a penetration testing engagement, from information gathering to post-exploitation.
• The main components of metasploit-framework are:
  • msfconsole: The main command-line interface
  • Modules: Supporting modules such as exploits, scanners, payloads etc.
  • Tools: Tools that help with vulnerability research, vulnerability assessment, or penetration testing, for example - msfvenom, pattern_create etc.

Main Components of Metasploit

• Launch Metasploit using msfconsole.

  

• It is our main interface to interact with the different modules of the Metasploit Framework.

• Modules are small components within the Metasploit framework that are built to perform a specific task, such as:

  • Exploiting a vulnerability
  • Scanning a target
  • Performing a brute-force attack

• Some important keyterms:

  • Exploit: It is a piece of code that uses a vulnerability present on the target system.
  • Vulnerability: It is a design, coding, or logic flaw affecting the target system.
  • Payload: Exploits take the advantage of a vulnerability, but if we want the exploit to have the result we want like - gaining access to the target system, reading confidential information, loading a malware or backdoor on the target system etc. we need to use a payload. They are the code that runs on the target system.

Auxiliary

• Any supporting module, such as scanners, crawlers and fuzzers, can be found here.

  

Encoders

• They allow us to encode the exploit and payload in the hope that a signature-based antivirus solution may miss them.

• Encoders can have a limited success rate as antivirus solutions can perform additional checks.

  

Evasion

• Encoders encode the payload, but they should not be considered a direct attempt to evade antivirus software. Whereas evasion modules will try that, with more or less success.

  

Exploits

NOPs

• NOPs (No Operation) do nothing.