The Metasploit Project is an open-source computer security project which provides information about security vulnerabilities and aids in penetration testing and IDS signature development.
The Metasploit Project is also well-known for anti-forensic and evasion tools, some of which are built into the Metasploit Framework.
Well, in this thread I'll be talking about the Metasploit Framework (a sub-project), a tool for developing and executing exploit code against a remote target machine.
First of all, Metasploit is available for Windows, but I prefer using it on a Linux distro. If you have Backtrack, then it is already installed.
Metasploit is available in Backtrack at the following location:
/pentest/exploits/framework3
To launch the Metasploit command line (best), type:
./msfconsole
To launch the Metasploit GUI (sucks, don't use it):
./msfgui
To launch Metasploit Web (sucks too):
./msfweb
Whenever you launch msfconsole, update it by typing:
msfupdate
Steps to exploit a remote PC:
1- You should be familiar with nmap (Network Mapper), a security scanner. You should know how to use it to scan for open ports, services, the OS, etc. (I'll post a thread for nmap tomorrow.)
2- Choosing and configuring the exact exploit (code that executes on a system by taking advantage of a bug). Currently there are something like 500-600 exploits available in Metasploit (Linux/Windows/Mac OS).
3- Choosing a payload. It could be a bind shell, a reverse shell (command shell payloads) or Meterpreter.
Meterpreter is a .DLL file that is downloaded automatically to the target system if you choose it as the exploit payload. It allows you to keylog, take screenshots, dump the password hashes, jump to another PC in the intranet for example, raise your token from guest to admin on the target PC, and LOTS and LOTS of other commands you can execute using Meterpreter.
All those commands are based on extensions in Metasploit. There are 3 extensions: Priv, Stdapi, Espia.
*Espia extension, one of the commands: taking a screenshot or recording audio (still laggy)
*Stdapi extension, one of the commands: dump the password hashes on the current PC.
*Priv extension, one of the commands: dumping the keystrokes after logging them.
Lots of other commands in those extensions are available.
You can't use the extensions all at once, only one at a time.
To change between extensions while in Meterpreter, simply type:
use "extension name"
(without the " " )
Payloads in Metasploit are written in Assembly.
4- Executing the exploit. You just type:
exploit
after setting up the exploit and the payload.
You can set a global IP and a global port for the exploits, rather than setting an IP per exploit, one by one.
You can use Autopwn to check and use all the exploits on the target PC, but I don't prefer using it.
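As an added, defender-side example (not from the original post or the Metasploit project): the post describes two command-shell payload shapes, a bind shell that listens on the target and a reverse shell that connects back out. The script below scans a constructed socket log for both shapes against a baseline of expected ports; the log format, the baseline ports and the sample lines are all assumptions made for the example.

```python
import re
# Constructed baseline (assumption): ports this host normally listens on / connects out to.
EXPECTED_LISTEN = {22, 139, 445}
EXPECTED_OUTBOUND = {53, 80, 443}

# Assumed log shape, one socket per line: "<ts> <host> <proto> <state> <local> <remote>"
LINE_RE = re.compile(
    r"^(?P<ts>\S+)\s+(?P<host>\S+)\s+(?P<proto>tcp|udp)\s+(?P<state>LISTEN|ESTABLISHED)\s+"
    r"(?P<lip>[\d.]+):(?P<lport>\d+)\s+(?P<rip>[\d.]+|\*):(?P<rport>\d+|\*)$"
)

def parse_line(line):
    """Parse one log line into a dict, or None if it does not match the shape."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    rec = m.groupdict()
    rec["lport"] = int(rec["lport"])
    rec["rport"] = None if rec["rport"] == "*" else int(rec["rport"])
    return rec

def classify(rec, listen_ok=EXPECTED_LISTEN, out_ok=EXPECTED_OUTBOUND):
    """Return ("bind", port), ("reverse", port) or None for one parsed record."""
    # Bind shell shape: the target itself opens a listener the baseline never had.
    if rec["state"] == "LISTEN" and rec["lport"] not in listen_ok:
        return ("bind", rec["lport"])
    # Reverse shell shape: outbound session (ephemeral local port) to a remote port we never use.
    if (rec["state"] == "ESTABLISHED" and rec["lport"] >= 1024
            and rec["lport"] not in listen_ok
            and rec["rport"] is not None and rec["rport"] not in out_ok):
        return ("reverse", rec["rport"])
    return None

def find_shell_shapes(log_text):
    # Scan a whole log; return (host, kind, port, remote_ip) for each hit, in order.
    findings = []
    for line in log_text.splitlines():
        rec = parse_line(line)
        hit = classify(rec) if rec else None
        if hit:
            findings.append((rec["host"], hit[0], hit[1], rec["rip"]))
    return findings

# Constructed sample: normal HTTPS, a new listener on 4444 (Metasploit's default
# LPORT) and an outbound session to a handler on 4444.
SAMPLE_LOG = """\
2024-01-01T10:00:00Z ws01 tcp LISTEN 0.0.0.0:445 *:*
2024-01-01T10:00:01Z ws01 tcp ESTABLISHED 10.0.0.5:51234 93.184.216.34:443
2024-01-01T10:00:02Z ws01 tcp LISTEN 0.0.0.0:4444 *:*
2024-01-01T10:00:03Z ws01 tcp ESTABLISHED 10.0.0.5:51300 198.51.100.7:4444
"""
```

The check is baseline-based rather than port-based on purpose: a handler can be put on any port, so what an IDS or host monitor has to key on is "new listener on the host" and "unexpected outbound session", not the number 4444.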
Well, as you see here, it's just a fast 10 min tutorial that I just wrote. But that's nothing of Metasploit; it's only the basics.
This tutorial is about Metasploit, exploit development, vulnerabilities and more. You should read this tutorial made by the Offensive Security team; it's very good and it's free.
http://www.offensive-security.com/metasploit-unleashed/Metasploit_Unleashed_Information_Security_Training
It has everything you should know about Metasploit, step by step.