🔐

Introduction to Metlo and Metasploit

Aug 23, 2024

Cyber Security Lecture Notes: Introduction to Metlo and Metasploit

Overview

  • Task: Testing a company’s web server for vulnerabilities.
  • Tools: Nmap and Metlo (Metasploit).
  • Purpose: Educational; focus on cyber security tools.

Nmap

  • Use Nmap to scan for open ports and services on the web server.
  • Identify vulnerabilities to exploit.

Metlo (Metasploit Framework)

  • Definition: A framework with scripts to exploit system vulnerabilities.
  • Interfaces:
    • msf console: Command line interface for hackers and penetration testers.
    • Armitage: GUI for beginners.
    • msf web: Web browser interface.

Getting Started with Metasploit

  1. Installation: Pre-installed on Kali Linux. For other OS (Windows, Mac), download from the Metasploit website.

  2. Database Initialization:

    • Run Postgres SQL for database management.
    • Initialize database before using Metasploit with the command.

  3. Launch msf console: Type msf console in terminal.

    • Ensure you see the msf6 prompt for the latest version.

Understanding Metlo Terminology

  • Modules: Scripts within Metasploit categorized by purpose.
    • Exploit Modules: Target and exploit vulnerabilities.
      • Example: Install malware on systems with unpatched vulnerabilities.
    • Payload Modules: Define the nature of malware deployed.
      • Example: Reverse TCP shell for remote control.
    • Post Exploitation Modules: Tasks after system compromise (e.g., maintaining access).
    • Encoder Modules: Encode payloads to bypass security systems.
    • Auxiliary Modules: Reconnaissance, scanning, and other purposes.

Example: Exploiting a Windows System

Target: Unpatched SMB vulnerability (Eternal Blue)

  1. Search for Exploits: Use search command with keywords related to Windows OS.
    • Filter results to return exploit modules.
  2. Select Eternal Blue Exploit:
    • Use the command use <module_name> after finding the module in the search results.
  3. Configure Exploit Options:
    • Use show options to see requirements (RHOST, RPORT).
  4. Setup Payload:
    • Use show payloads to view compatible payloads.
    • Select payload with set payload <payload_name>.
  5. Configure Payload Options:
    • Use show options for payload settings (LHOST, LPORT).
  6. Launch Attack:
    • Execute the attack with exploit command.

Conclusion

  • Purpose: Introduction to Metlo and its application in vulnerability testing.
  • Next Steps: Further exploration of Metasploit modules.
  • Engagement: Questions can be asked in the comment section.

Full transcript