Metasploit Exploitation
SG-Learning
Metasploit Exploitation
By: Souleiman Guedi
Content
What’s Metasploit
Scanning Target Systems Using Metasploit
Service Discovery
Using the Metasploit Database Feature
Kali Linux and Metasploit Database
Metasploit Database Workspaces
Vulnerability Scanning
What’s Metasploit?
Metasploit is the GOAT of cybersecurity tools: a free, open-source framework for
penetration testing and exploitation. Created in 2003 by HD Moore and now maintained by Rapid7,
it’s packed with exploits, payloads, and modules to test systems like a pro. Whether
you’re targeting Windows, Linux, or IoT, Metasploit’s got you covered.
• Why it’s fire: Thousands of exploits, user-friendly CLI or GUI, and a massive
community.
• Who’s using it: Ethical hackers, pen testers, and red teamers (and yeah, the bad
guys, so learn it to defend!).
Scanning Target Systems Using Metasploit
Before you exploit, you need to know what’s out there. Metasploit provides auxiliary
modules for scanning to find open ports, services, and interesting targets. Fire up msfconsole
and try this:
Basic Port Scanning
Use the auxiliary/scanner/portscan/tcp module to scan for open TCP ports. Its main options are:
• CONCURRENCY: Number of targets to be scanned simultaneously.
• PORTS: Port range to be scanned. Please note that 1-1000 here is not the same as using Nmap with its default configuration: Nmap scans the 1000 most commonly used ports, while Metasploit scans port numbers from 1 to 10000.
• RHOSTS: Target host or target network to be scanned.
• THREADS: Number of threads that will be used simultaneously. More threads result in faster scans.
set RHOSTS 10.10.242.23
run
This checks ports 1-1000 on the target. Adjust PORTS for a full scan (1-65535) if you’re patient.
Service Discovery
To identify services (like SMB or HTTP), use a module such as auxiliary/scanner/smb/smb_version:
set RHOSTS 10.10.242.23
run
Using the Metasploit Database Feature
Metasploit’s database keeps your scans and findings organized, so you’re
not scrambling through text files. It uses PostgreSQL, which Kali Linux usually
has set up already. Start the database with:
What is Metasploit's Database?
Metasploit is a powerful framework used by ethical hackers and
penetration testers to scan, exploit, and manage findings about the systems
they test.
To keep all this data organized, Metasploit uses a database, specifically
PostgreSQL, to:
• Save scan results (like open ports, services, OS info)
• Store exploited hosts
• Keep track of credentials found
• Help generate reports
Why is it Useful?
Without a database, you'd have to:
• Manually read through long console outputs or text files
• Lose progress between sessions
• Re-scan hosts again and again
With the database, everything is saved and organized, and you can use
commands like hosts, services, vulns, creds, etc. inside Metasploit.
PostgreSQL: The Engine Behind It
• PostgreSQL is a powerful open-source relational database.
• Metasploit uses it to store all your data during a pentest session.
Kali Linux and Metasploit Database
• Kali Linux (which includes Metasploit by default) usually has
PostgreSQL already installed and pre-configured.
You first need to start the PostgreSQL database that Metasploit will use, with the following command:
Then initialize the Metasploit database using:
Launch Metasploit and Verify Database Connection
1. Start msfconsole:
2. Check the database status:
Metasploit Database Workspaces
The Metasploit database feature enables organized project management through
isolated workspaces.
Default Workspace
Upon initial launch, you are automatically placed in the default workspace.
• Use distinct workspaces for different engagements
(e.g., Client_A, Internal_Pentest).
• Workspaces maintain separate:
o Host records
o Service scans
o Credential storage
If you run an Nmap scan through the db_nmap command, all results are
saved to the database.
Metasploit provides streamlined access to reconnaissance data through dedicated
commands:
Host Information
Use the hosts command to retrieve stored details about discovered systems, including:
• IP addresses
• Operating system fingerprints
• MAC addresses
Service Enumeration
The services command displays comprehensive data on running services, such as:
• Open ports
• Protocols (TCP/UDP)
• Application banners
• Service versions
The hosts -h and services -h commands can help you become more familiar with the available options. Once the host information is stored in the database,
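The hosts and services records described above can be exported from msfconsole with hosts -o and services -o. As an added example that is not part of the original slides, the following Python script joins two such exports into a per-host review and flags exposed services a defender would want to look at first. It assumes the CSV column layout of those exports (address,mac,name,os_name,... and host,port,proto,name,state,info), and the sample rows, the WATCHLIST policy and all function names are constructed here for illustration.

```python
import csv
import io
from collections import defaultdict

# Constructed sample exports. The header rows assume the layout written by
# `hosts -o hosts.csv` and `services -o services.csv` in msfconsole.
HOSTS_CSV = """address,mac,name,os_name,os_flavor,os_sp,purpose,info,comments
10.10.242.23,00:0c:29:aa:bb:cc,,Windows 7,,,server,,
10.10.242.24,00:0c:29:dd:ee:ff,,Linux,,,server,,
"""

SERVICES_CSV = """host,port,proto,name,state,info
10.10.242.23,445,tcp,smb,open,Windows 7 Professional 7601 Service Pack 1
10.10.242.23,3389,tcp,ms-wbt-server,open,
10.10.242.23,135,tcp,msrpc,closed,
10.10.242.24,22,tcp,ssh,open,OpenSSH 7.2p2
10.10.242.24,80,tcp,http,open,Apache httpd 2.4.18
"""

# Illustrative review policy: ports whose exposure should be surfaced first.
WATCHLIST = {445: "SMB exposed", 3389: "RDP exposed", 23: "Telnet exposed"}


def load_csv(text):
    """Parse a CSV export into a list of dicts keyed by header name."""
    return list(csv.DictReader(io.StringIO(text)))


def services_by_host(service_rows):
    """Group only the open services by host, like reading `services` per address."""
    grouped = defaultdict(list)
    for row in service_rows:
        if row["state"] != "open":
            continue  # closed/filtered entries carry no exposure to review
        grouped[row["host"]].append((int(row["port"]), row["proto"], row["name"], row["info"]))
    return dict(grouped)


def review(hosts_csv, services_csv):
    """Join OS data from `hosts` with open services and flag watchlisted ports."""
    os_by_addr = {h["address"]: h["os_name"] for h in load_csv(hosts_csv)}
    findings = []
    for addr, svcs in services_by_host(load_csv(services_csv)).items():
        for port, proto, name, info in sorted(svcs):
            if port in WATCHLIST:
                findings.append({"host": addr, "os": os_by_addr.get(addr, "?"), "port": port,
                                 "service": name, "note": WATCHLIST[port], "banner": info})
    return findings


if __name__ == "__main__":
    for finding in review(HOSTS_CSV, SERVICES_CSV):
        print(finding)
```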
Vulnerability Scanning
Definition
Vulnerability scanning is the automated process of identifying security
weaknesses in systems, networks, or applications. It detects known
vulnerabilities (e.g., unpatched software, misconfigurations) that attackers
could exploit.
Key Objectives
1. Risk Identification
o Discover flaws like:
▪ Outdated software (e.g., unpatched SMB services).
▪ Default credentials or weak configurations.
▪ Missing security patches (e.g., MS17-010).
2. Prioritization
o Assign severity scores (e.g., CVSS) to focus remediation efforts.
3. Compliance
o Meet standards like PCI-DSS, HIPAA, or ISO 27001.
You can use the info command on any module to better understand its use and purpose.
Exploitation
Once you have decided on the payload, use the set payload command to make your choice.