Metasploit Guide

When you are satisfied that you have gathered enough information from recon and enumeration, you can move on to exploitation. Metasploit is a powerful framework used for penetration testing, exploit development, and vulnerability discovery. Below is a general guide to using Metasploit, focusing on some fundamental commands such as msfupdate, msfconsole, search, use, and exploit.

1. Updating Metasploit with msfupdate

Before diving into Metasploit, it’s essential to ensure you have the latest updates and exploits. The msfupdate command is used to update the Metasploit Framework. However, if you’re using the Metasploit version bundled with certain Linux distributions like Kali Linux, updates are managed through the system’s package manager (apt for Debian-based systems, including Kali Linux), and the msfupdate command might not be available. In such cases, you would use:

sudo apt-get update
sudo apt-get upgrade metasploit-framework

2. Starting Metasploit with msfconsole

To start Metasploit, you use the msfconsole command, which launches the Metasploit console, a command-line interface that provides full access to the Metasploit Framework. Simply type:

msfconsole

Upon starting, msfconsole might display a banner and some initial setup information, including the number of exploits, payloads, and other modules available.

If you have any issues launching it, check the issues page.

3. Searching for Modules with search

Once in msfconsole, you can search for specific exploits, auxiliary modules, or any other module type using the search command. For example, to search for modules related to a specific vulnerability or target, you would use:

search [keyword]

Replace [keyword] with the name, CVE, or any other identifier related to the vulnerability or system you’re interested in. For example, to search for exploits related to SSH, you would use:

search ssh

4. Selecting a Module with use

After finding the module you want to work with based on the target enumeration you have completed, use the use command to select it. The syntax is:

use [module path]

The [module path] is the full path of the module you wish to use, which is displayed next to the module name in the search results. For example, to use an SSH exploit, you might do:

use exploit/unix/ssh/some_ssh_exploit

5. Setting Options and Running the Exploit with exploit

Before running an exploit, you need to configure its options, such as the target’s IP address (RHOSTS), the payload, and any exploit-specific options. Use the options or show options command to display the available options for the selected module:

show options

To set an option, use the set command:

set RHOSTS 192.168.1.100

After configuring the exploit, you launch it using the exploit command:

exploit

Or, to run the exploit as a background job so the console stays free while the module runs:

exploit -j
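The five steps above chained into a single msfconsole resource script, added here as an example that is not part of the original guide. It assumes a constructed authorized-scope list, keeps the guide's placeholder module path, and uses msfconsole's spool command and its -q (quiet) and -r (resource file) flags so that every target is checked against scope before anything runs and the whole console session is written to a log for the engagement record.

```python
"""Scoped, logged wrapper around the msfconsole workflow from the guide."""
import ipaddress
import shutil
import subprocess
from pathlib import Path

# Constructed example scope: every RHOSTS entry must fall inside one of these.
AUTHORIZED_SCOPE = ["192.168.1.0/24", "10.10.0.0/16"]


def in_scope(rhosts, scope=AUTHORIZED_SCOPE):
    """Return True only if every address or CIDR block in RHOSTS is in scope.

    msfconsole accepts several space-separated targets in RHOSTS; hostnames and
    dash ranges are not parsed here and are rejected rather than guessed at."""
    nets = [ipaddress.ip_network(s) for s in scope]
    for token in rhosts.split():
        try:
            target = ipaddress.ip_network(token, strict=False)
        except ValueError:
            return False
        if not any(target.subnet_of(n) for n in nets if n.version == target.version):
            return False
    return True


def build_resource_script(module, rhosts, options=None, log_path="msf-session.log"):
    """Assemble use / set / show options / exploit -j into one .rc, with the
    console output spooled to log_path. Refuses out-of-scope targets."""
    if not in_scope(rhosts):
        raise ValueError(f"RHOSTS {rhosts!r} is outside the authorized scope")
    lines = [f"spool {log_path}", f"use {module}", f"set RHOSTS {rhosts}"]
    for key, value in (options or {}).items():
        lines.append(f"set {key} {value}")
    lines += ["show options", "exploit -j"]
    return "\n".join(lines) + "\n"


def run(module, rhosts, options=None, rc_path="scoped.rc"):
    """Write the resource script and run it non-interactively if msfconsole exists."""
    Path(rc_path).write_text(build_resource_script(module, rhosts, options))
    if shutil.which("msfconsole") is None:
        return None  # .rc is written for review; nothing is executed here
    return subprocess.run(["msfconsole", "-q", "-r", rc_path]).returncode


if __name__ == "__main__":
    # Placeholder module path from the guide; replace with a real search result.
    print(build_resource_script("exploit/unix/ssh/some_ssh_exploit", "192.168.1.100"))
```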

Summary

This guide covers the basics of getting started with Metasploit, from updating the framework to selecting and running an exploit. Remember, the effectiveness of your penetration testing with Metasploit relies on understanding the target system and choosing the right exploits, so take enumeration and documentation very seriously. Always ensure you have legal authorization before attempting to exploit any system.