The document provides an overview of the Metasploit framework. It describes Metasploit as an open-source penetration testing software that contains exploits, payloads, and other tools to help identify vulnerabilities. Key points covered include Metasploit's architecture and modules for scanning, exploitation, and post-exploitation. Examples of tasks that can be performed include port scanning, vulnerability assessment, exploiting known issues, and gaining access to systems using payloads and meterpreter sessions. The document warns that Metasploit should only be used for legitimate security testing and cautions about the potential risks if misused.
Useful terminology:
• Vulnerability: A weakness in the target system, through which penetration can successfully occur.
• Exploit: Once a vulnerability is known, an attacker takes advantage of it and breaks into the system using a code/script known as an exploit.
EXPLOIT = VULNERABILITY + PAYLOAD
• Payload: This is a set of tasks initiated by the attacker subsequent to an exploit, in order to maintain access to the compromised system.
• CLI: command line interface
• GUI: graphical user interface
• MSF: Metasploit Framework
3.
WARNINGS
Metasploit is very powerful, and very dangerous
I used VMWare to isolate the operating system from other systems and the internet
Use of this in any unauthorized way will get you fired / arrested / deported etc...
4.
HISTORY OF THE METASPLOIT PROJECT
• Metasploit Project
– HD Moore & Friends
– A community-driven project since 2003
• Rapid7
– Maker of NeXpose Vulnerability Management
– Purchased the Project from HD
• Metasploit Framework
– The original open-source exploit framework
6.
THIS VIDEO INVOLVES
• Usage of METASPLOIT
• Social engineering
• Organization's server crashes from a DoS attack
• Honeypots
• Difference between White hat and Black hat hacker
• Data breaching
WHAT IS METASPLOIT?
• Metasploit Framework, created by the Metasploit Project, is the most popular exploitation tool available for developing, testing, and performing exploits. It allows penetration testers, auditors, and vulnerability assessment personnel to create their own penetration testing systems and exploit modules.
• It is a collaboration between the open source community and Rapid7
• An exploitation framework written in Ruby, currently at version 4.9.1
• It’s modular
• Contains exploits, payloads, encoders and auxiliaries
METASPLOIT VERSIONS
• 1.0 released in 2003 (Perl)
• 2.0 released in 2004 (Better Perl)
– 2.7 released in late 2006
• 3.0 released in 2007 (Ruby)
– 3.2 released in late 2008
– 3.3 released in late 2009
– 3.4 released in early 2010
– 3.4.1 is the most recent release
• Metasploit now has 567 exploits and 283 auxiliary modules (up from 551 and 261 in v3.4)
12.
VERSIONS AND BASICS
- Metasploit Framework Edition
• The free version
- Metasploit Community Edition
• A free, web-based user interface for Metasploit
- Metasploit Express
• An open-core commercial edition for security teams who need to verify vulnerabilities
- Metasploit Pro
• An open-core commercial Metasploit edition for penetration testers
- Armitage
• A graphical cyber attack management tool for the Metasploit Project that visualizes targets and recommends exploits.
13.
• Runs on any operating system
- Source code for Linux / Unix / MacOS X
- Portable to Windows via CYGWIN
• Allows anyone to exploit & usually “root” certain machines with only an IP address and a basic background of the system
• Requires no knowledge of the software bug, or exploit machine code
WITH METASPLOIT, YOU CAN PERFORM THE FOLLOWING OPERATIONS
• Conduct basic penetration tests on small networks
• Run spot checks on the exploitability of vulnerabilities
• Discover the network or import data
• Browse exploit modules and run individual exploits on hosts.
• Auxiliary modules – are used for information gathering, enumeration, port scanning and that sort of thing. There are plenty of useful tools in there too for things like connecting to SQL databases and even tools for performing man-in-the-middle attacks.
• Exploit modules – are generally used to deliver exploit code to a target system.
• Post modules – offer post exploitation tools such as the ability to extract password hashes and access tokens and even modules for things like taking a screenshot, logging and downloading files.
• Payload modules – are used to create malicious payloads for use with an exploit
19.
AUXILIARY
• Typically, an Exploit without a Payload is called an Auxiliary module.
• Used for scanning, fuzzing, and some automated tasks.
• Makes use of mixins.
• To run one, type run.
20.
ENCODERS
• Encoders are used to evade anti-virus software.
• Payloads are encrypted
21.
NOPS
• Mainly used to keep the size of the payload consistent.
• Having 10 NOPs.
22.
SCANNING USING METASPLOIT
• Discovery Through Vulnerability Scanning
Vulnerability scanning will allow you to quickly scan a target IP range looking for known vulnerabilities, giving a penetration tester a quick idea of what attacks might be worth conducting.
• Port Scanning:
A port scan is a series of messages sent by someone attempting to break into a computer to learn which computer network services, each associated with a “well-known” port number, the computer provides. Port scanning, a favorite approach of computer crackers, gives the assailant an idea of where to probe for weaknesses.
23.
HOW A DISCOVERY SCAN WORKS
A discovery scan can be divided into four distinct phases:
• Ping scan - determines if the hosts are online
• Port scan - identifies the ports that are open and the services available on those ports
• OS and version detection - detects the service version numbers and operating system based on how the system responds to the probes
• Data import - collects all the data, creates a report and imports the data into the project
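The port-scan phase described above is also the first thing a network defender sees in connection logs. The Ruby script below is an added example, not from the original slides and not Metasploit code: it parses a few constructed firewall-style log lines and flags any source that touches a threshold of distinct destination ports on one host inside a short time window, which is the footprint the port-scanning phase leaves behind. The log format, the thresholds and the addresses (TEST-NET ranges) are all made up for this example.

```ruby
require 'time'

# Constructed sample log lines (not real traffic):
# "<ISO-8601 time> <src> -> <dst>:<dport> <ALLOW|DENY>"
SAMPLE_LOG = <<~LOG
2024-01-01T10:00:00Z 192.0.2.5 -> 198.51.100.20:22 DENY
2024-01-01T10:00:00Z 192.0.2.5 -> 198.51.100.20:23 DENY
2024-01-01T10:00:01Z 192.0.2.5 -> 198.51.100.20:25 DENY
2024-01-01T10:00:01Z 192.0.2.5 -> 198.51.100.20:80 ALLOW
2024-01-01T10:00:02Z 192.0.2.5 -> 198.51.100.20:135 DENY
2024-01-01T10:00:02Z 192.0.2.5 -> 198.51.100.20:139 DENY
2024-01-01T10:00:03Z 192.0.2.5 -> 198.51.100.20:443 ALLOW
2024-01-01T10:00:03Z 192.0.2.5 -> 198.51.100.20:445 DENY
2024-01-01T10:00:04Z 192.0.2.5 -> 198.51.100.20:3389 DENY
2024-01-01T10:00:05Z 192.0.2.5 -> 198.51.100.20:8080 DENY
2024-01-01T10:00:10Z 192.0.2.7 -> 198.51.100.20:443 ALLOW
2024-01-01T10:05:00Z 192.0.2.7 -> 198.51.100.20:443 ALLOW
2024-01-01T10:05:01Z 192.0.2.7 -> 198.51.100.21:80 ALLOW
LOG

LINE_RE = /\A(\S+) (\S+) -> (\S+):(\d+) (ALLOW|DENY)\z/

# Parse one log line into a hash; returns nil for lines that do not match the format.
def parse_line(line)
  m = LINE_RE.match(line.strip)
  return nil unless m
  { time: Time.iso8601(m[1]), src: m[2], dst: m[3], dport: m[4].to_i, action: m[5] }
end

# Flag (src, dst) pairs that reach at least `min_ports` distinct destination ports
# within any `window` seconds. Both allowed and denied connections count: a scan
# probes closed ports too, so DENY entries are part of the signal, not noise.
def detect_port_scans(log_text, min_ports: 8, window: 30)
  events = log_text.each_line.map { |l| parse_line(l) }.compact.sort_by { |e| e[:time] }
  alerts = []
  events.group_by { |e| [e[:src], e[:dst]] }.each do |(src, dst), evs|
    evs.each_with_index do |start, i|
      # Sliding window: every event from `start` onward that falls within `window` seconds.
      in_window = evs[i..-1].take_while { |e| e[:time] - start[:time] <= window }
      ports = in_window.map { |e| e[:dport] }.uniq
      next if ports.size < min_ports
      alerts << { src: src, dst: dst, ports: ports.sort,
                  start: start[:time], end: in_window.last[:time] }
      break # one alert per (src, dst) pair is enough for this example
    end
  end
  alerts
end

if __FILE__ == $PROGRAM_NAME
  detect_port_scans(SAMPLE_LOG).each do |a|
    puts "possible port scan: #{a[:src]} -> #{a[:dst]} " \
         "ports=#{a[:ports].join(',')} (#{a[:start].iso8601}..#{a[:end].iso8601})"
  end
end
```

The thresholds are the tunable part: a lower `min_ports` catches slower, narrower scans at the cost of false positives from legitimate multi-service clients, and the window must be widened if the scanner deliberately paces its probes.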
24.
EXPLOITATION
An exploit is the use of software, data, or commands to “exploit” a weakness in a computer system or program to carry out some form of malicious intent, such as a denial-of-service attack, Trojans, worms or viruses. The weakness in the system can be a bug or simply a design vulnerability. The process is known as exploitation.
The following are the five steps in the exploitation process:
• scanning the target
• selecting an exploit
• selecting a payload
• encoding the exploit
• launching the attack
25.
• Scanning the target
To scan the target, we use port scanning and vulnerability scanning techniques, performing the scan with tools such as Nmap and Nessus.
• Selecting the exploit
This process includes the selection of an exploit.
• Selecting the payload
Payloads are the commands the attacker runs upon a successful completion of their exploit.
• Encoding the exploit
Encoding in Metasploit is how the exploit and payload are packaged together, and is often done automatically, via the set commands.
• Launching the attack
Once all the settings have been set, the attacker simply calls an exploit.
26.
EXPLOITING VULNERABILITIES:
Metasploit offers a couple of different methods you can use to perform exploitation:
• Auto-exploitation.
• Manual exploitation.
Auto-Exploitation:
The auto-exploitation feature cross-references open services, vulnerability references, and fingerprints to find matching exploits. The simple goal of auto-exploitation is to get a session as quickly as possible by leveraging the data that Metasploit has for the target hosts.
Manual Exploitation:
Manual exploitation provides a more targeted and methodical approach to exploiting vulnerabilities. This method is particularly useful if there is a specific vulnerability that you want to exploit.
27.
Payload Type: Specifies the type of payload that the exploit will deliver to the target.
Choose one of the following payload types:
• Command: A command execution payload that enables you to execute
commands on the remote machine.
• Meterpreter: An advanced payload that provides a command line that enables
you to deliver commands and inject extensions on the fly.
28.
Connection Type: Specifies how you want your Metasploit instance to connect to the
target. Choose one of the following connection types:
• Auto: Automatically uses a bind connection when NAT is detected; otherwise, a
reverse connection is used.
• Bind: Uses a bind connection, which is useful when the targets are behind a
firewall or a NAT gateway.
• Reverse: Uses a reverse connection, which is useful if your system is unable to
initiate connections to the targets.
29.
• LHOST: Defines the address for the local host.
• LPORT: Defines the ports that you want to use for reverse connections.
• RHOST: Defines the target address.
• RPORT: Defines the remote port you want to attack.
• Target Settings: Specifies the target operating system and version.
• Exploit Timeout: Defines the timeout in minutes.
30.
POST EXPLOITATION
• Post exploitation is an important process in a penetration test as it allows the attacker to gather information from the system that has been exploited. A lot of penetration testers are using the Metasploit framework modules for system exploitation. However, Metasploit also provides modules for post exploitation activities for a variety of systems.
• Migrates to another process which has admin privileges and then completes the task.
31.
• Using this meterpreter we can perform different tasks by getting the privileges of the victim
• Can grab screenshots, perform keylogging and much more by loading extensions such as:
- Espia
- Incognito
- Pivot
- Sniffer
- Priv
- Stdapi (By Default)
32.
• What else can we do in post exploitation?
Let’s list some of them:
- Keylogging
- Screenshots
- View live screen
- Access webcam
- Take control of keyboard and mouse
- Delete user
- Pivot
- VM detection and many more..
33.
• Advantages
- Open source
- Frequently updated
• Disadvantages
- Difficult to learn
- Can crash your system if not used wisely
- Requires deep knowledge for exploit development
34.
IT IS USEFUL FOR
- Future penetration testers
- Vulnerability assessment personnel
- Security Engineers
- Security Researchers
- Auditors
- Programmers
- Any IT professional who has to test regularly to maintain compliance requirements
- Any IT professional who runs scheduled testing of security infrastructure as a best practice
35.
SUMMARY
• Metasploit is very easy to use, and very powerful
• Web interface allows the scans to be run from any system, on any operating system
• Evidence may or may not be left behind on the system
• IDS/IPS will sense these exploits
• Only contains old & well known exploits
36.
NOTE
• Never misuse it for your personal purposes
• Use it wisely
• Understand the modules before using
• Test it using virtual machines
#2 It was designed and developed by H.D. Moore in 2003. Firstly it was written in Perl, then it was re-written in Ruby.
#7 Honeypots (a computer system that is set up to act as a decoy to lure cyber attackers, and to detect, deflect or study attempts to gain unauthorized access to information systems)
#15 - FILESYSTEM AND LIBRARIES
Metasploit Filesystem
The MSF filesystem is laid out in an intuitive manner and is organized by directory.
• data: editable files used by Metasploit
• documentation: provides documentation for the framework
• external: source code and third-party libraries
• lib: the ‘meat’ of the framework code base
• modules: the actual MSF modules
• plugins: plugins that can be loaded at run-time
• scripts: Meterpreter and other scripts
• tools: various useful command-line utilities
Metasploit Libraries
The MSF libraries help us to run our exploits without having to write additional code for rudimentary tasks, such as HTTP requests or encoding of payloads.
#17 It has 1500+ tested exploits, 400+ payloads and 40+ encoders.
It offers “plug and play” of payloads, which alone is a huge advantage.
#20 In object-oriented programming languages, a Mixin is a class that contains methods for use by other classes without having to be the parent class of those other classes.
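The auxiliary slide says modules “make use of mixins”, the note above defines what a mixin is, and the earlier option slides list RHOST, RPORT, LHOST, LPORT together with the bind/reverse/auto connection types. The Ruby below is an added example and is not Metasploit's own code or API: two hypothetical mixins (`OptionsMixin`, `ConnectionMixin`) are included into a demo module class, which gains option validation and connection-type resolution without either mixin being its parent class. The option names follow the slides; the validators, the rule that a reverse connection additionally needs LHOST/LPORT, and the TEST-NET addresses used are assumptions made for the example.

```ruby
require 'ipaddr'

# Hypothetical mixin (not Metasploit's own API): a typed option table shared by
# any module class that includes it.
module OptionsMixin
  def options
    @options ||= {}
  end

  # Declare an option with a validator; mirrors a module declaring RHOST/RPORT/
  # LHOST/LPORT and letting the framework check values before launch.
  def register_option(name, required:, validate:)
    options[name] = { required: required, validate: validate, value: nil }
  end

  # Reject unknown names and values the validator does not accept.
  def set(name, value)
    opt = options.fetch(name) { raise ArgumentError, "unknown option #{name}" }
    raise ArgumentError, "invalid value for #{name}: #{value.inspect}" unless opt[:validate].call(value)
    opt[:value] = value
  end

  # Names of required options that have not been set yet.
  def missing_options
    options.select { |_, o| o[:required] && o[:value].nil? }.keys
  end
end

# Second hypothetical mixin: applies the connection-type rule from the slides
# (Auto = bind when NAT is detected, otherwise reverse) and says which options
# each resulting connection needs. Assumption: a reverse connection needs the
# listener address/port (LHOST/LPORT) in addition to the target (RHOST/RPORT).
module ConnectionMixin
  def resolve_connection(type, nat_detected: false)
    case type
    when :auto    then nat_detected ? :bind : :reverse
    when :bind    then :bind
    when :reverse then :reverse
    else raise ArgumentError, "unknown connection type #{type.inspect}"
    end
  end

  def required_for(connection)
    connection == :bind ? %w[RHOST RPORT] : %w[RHOST RPORT LHOST LPORT]
  end
end

# Validators: an IPv4/IPv6 literal, and a port number in range.
IP_CHECK = lambda do |v|
  IPAddr.new(v.to_s)
  true
rescue IPAddr::InvalidAddressError
  false
end
PORT_CHECK = ->(v) { v.is_a?(Integer) && (1..65535).cover?(v) }

# A module class that gets both behaviours by inclusion, not inheritance:
# its superclass stays Object while its ancestor chain gains the two mixins.
class DemoModule
  include OptionsMixin
  include ConnectionMixin

  def initialize
    register_option('RHOST', required: true,  validate: IP_CHECK)
    register_option('RPORT', required: true,  validate: PORT_CHECK)
    register_option('LHOST', required: false, validate: IP_CHECK)
    register_option('LPORT', required: false, validate: PORT_CHECK)
  end

  # True when every option the chosen connection type needs has a value.
  def ready?(type, nat_detected: false)
    conn = resolve_connection(type, nat_detected: nat_detected)
    required_for(conn).all? { |n| options[n][:value] }
  end
end

if __FILE__ == $PROGRAM_NAME
  m = DemoModule.new
  m.set('RHOST', '198.51.100.20') # constructed TEST-NET address
  m.set('RPORT', 445)
  puts "ancestors: #{DemoModule.ancestors.first(3).inspect}"
  puts "ready for bind: #{m.ready?(:bind)}, ready for reverse: #{m.ready?(:reverse)}"
end
```

The point of the mixin pattern here is that `DemoModule.superclass` is still `Object`; the option and connection behaviour arrives through `include`, which is how one framework-wide set of checks can be reused across hundreds of unrelated modules.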
#23 Requires no knowledge of the software bug or exploit machine code.
Allows anyone to exploit and usually “root” certain machines with only an “IP address” and a basic background of the system.