Metasploit
- 1. By : Parth Sahu Nitish Babu
- 2. What is it? • The Metasploit project is an open-source computer security project which provides information about security vulnerabilities and aids in penetration testing and development. • Capabilities include smart exploitation, password auditing, web application scanning, and social engineering. It has world’s largest database of Public, tested exploits. • As Metasploit is an open source where any one can use it. This framework supports different operating systems like windows, Linux, Mac OS x etc. • Metasploit is a hacking framework written in ruby. It is designed to help make writing and executing exploits as simple as possible. Requires no knowledge of the software bug, or exploit machine code.
- 3. Penetration Testing • It’s the process to identify security vulnerabilities in an application by evaluating the system or network with various malicious techniques. • Purpose of this test is to secure important data from outsiders like hackers who can have unauthorized access to system. • Once vulnerability is identified it is used to exploit system in order to gain access to sensitive information. • Causes of vulnerabilities: 1. Design and development errors. 2. Poor system configuration. 3. Human errors.
- 4. Terminologies and Definitions • Vulnerability -A weakness which allows an attacker to break into or compromise a system’s security. Like the main gate of house with a weak lock (can be easily opened), a glass window of house (can be easily broken) etc. Vulnerabilities in the systems make it easy for an attacker to break into. • Exploit – Code which allows an attacker to take advantage of a vulnerability system. The set of different keys which he can try one by one to open the lock, the hammer with him which he can use to break the glass window etc can be the exploits.
- 5. Terminologies and Definitions • Payload- Actual code which runs on the system after exploitation. Now Finally after exploiting the vulnerability and breaking in , he can have different things to do. He can Steal Money destroy the things or just can give a look and come back. Deciding this is what we mean by setting the Payload. • Meterpreter- Meterpreter is an advanced, dynamically extensible payload that uses in-memory DLL injection stagers and is extended over the network at runtime. It communicates over the stager socket and provides a comprehensive client-side Ruby API. It features command history, tab completion, channels, and more.
- 6. Terminologies and Definitions • Auxiliary’s- Typically, an Exploit without d Payload is called Auxiliary. Used for scanning, fuzzing (providing invalid, unexpected, or random data as inputs to a computer program), and some automated tasks. • Encoders- To evade anti-viruses encoders are used. Payload’s are encrypted. • MSFconsole- Is an all-in-one interface to most of the features in Metasploit. MSFconsole can be used to launch attacks, creating listeners, and much, much more. • Commands :- Show exploits, Show payloads, Show options, Use exploit, set payload, Set LHOST, Set RHOST, Back, Info.
- 7. Steps of Attacking 1. Gather information about target system. (like the device and model, its network connections, IP addresses through Nmap and other sniffing tools and which ports and services are open and which operating system is being used and anything useful). 2. Based on above information choose the right exploit and set the target information. 3. verify the exploit option to determine whether target is being vulnerable to that exploit or not. 4. Select payload if needed. 5. Execute the exploit.
- 8. Finding Exploit • Search directly in Metasploit database. • Download from External Sources like: www.exploit-db.com, 0day.today. • Writing your own exploit:
- 9. Thank You