Exploitation
Jakob Pennington edited this page Dec 23, 2018 · 5 revisions
Before exploring Metasploit, start a PostgreSQL server and initialise a database so Metasploit can store its findings there.
service postgresql start
msfdb init
msfconsole
msf > db_status
workspace - List all workspaces in the database
workspace -a <name> - Add a new workspace
Types of modules:
- Exploit - Has a payload
- Auxiliary - Does not have a payload (scanners, fuzzers, DoS)
search <exploit> - Search the Metasploit database
use <exploit/module> - Load a module
use multi/handler - Set up a standalone handler for payloads created with msfvenom
With an exploit loaded:
show options - List the parameters for the loaded exploit
show targets - List the target software vulnerable to this exploit
show payloads - List the compatible payloads for the loaded exploit
set <option> <value> - Set an option
set TARGET <target_id> - Set the target to the id provided
set PAYLOAD <payload> - Set the payload
Once the exploit is configured:
check - Test whether the specified target is vulnerable to the loaded exploit
exploit - Launch the exploit
Other useful tools:
msfcli - A command line tool used to craft exploits in shell scripts
msfvenom - Create standalone payloads compiled into various formats
# HTTP web server
python -m SimpleHTTPServer 80
# HTTPS web server - Use scripts in this repo
# Generate a certificate
PATH_TO_REPO/Scripts/genKeys.sh
# Run the server
python3 PATH_TO_REPO/Scripts/simpleHTTPServer.py
# FTP server (pyftpdlib)
# Install
apt-get install python-pyftpdlib
# Run the server
python -m pyftpdlib -w -u USERNAME -P PASSWORD -p PORT