Metasploit is a framework that lets a tester execute exploit code against a remote target machine.
It was created by H.D. Moore.
To learn the terminology we will be using later on (Exploit, Payload, Shellcode, Module, Listener), please google the terms.
So without any delay, let’s start metasploit!
First of all, you have to start PostgreSQL, because Metasploit uses PostgreSQL as its database. You can do that by typing the command:
service postgresql start
Then we have to initialize the Metasploit database. To do that, type:
To start Metasploit, you can either click the icon in the Kali menu on the Desktop, which takes care of all the setup for you, or run the command:
You can check whether you are connected to the database by typing:
Our first project will be Metasploitable.
Metasploitable is an intentionally vulnerable Linux machine. It can be used for learning different methods of testing and attacking. You can download the VM here.
The default username and password is msfadmin:msfadmin
Once you have set up your Metasploitable VM, note the IP of the machine.
In a real scenario, we might not know the IP. In that case, if we know the target range, we can run an nmap scan to discover which machines in that range are up.
After we have found the IP of the target, let's run an nmap service scan against it (Metasploitable) and see whether any vulnerable services are running.
Most of the services running on the target machine are vulnerable.
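As an added example (not part of the original tutorial, and not nmap or Metasploit code), here is a small Python triage script for the service-scan step seen from the defender's side: it parses the port table of `nmap -sV` output, flags the vsftpd 2.3.4 banner that the tutorial goes on to exploit, and also flags cleartext protocols such as FTP and telnet that an administrator should disable or replace. The nmap output, the KNOWN_VULNERABLE table and the CLEARTEXT_SERVICES set are constructed assumptions for this example, not data from the page.

```python
import re

# Constructed sample of `nmap -sV` normal output for a lab host.
# The port lines follow nmap's real "PORT STATE SERVICE VERSION" layout,
# but the host and versions are illustrative, not captured scan data.
SAMPLE_NMAP_OUTPUT = """\
Starting Nmap 7.94 ( https://nmap.org )
Nmap scan report for 192.168.56.101
Host is up (0.00042s latency).
Not shown: 977 closed tcp ports (reset)
PORT     STATE SERVICE     VERSION
21/tcp   open  ftp         vsftpd 2.3.4
22/tcp   open  ssh         OpenSSH 4.7p1 Debian 8ubuntu1 (protocol 2.0)
23/tcp   open  telnet      Linux telnetd
80/tcp   open  http        Apache httpd 2.2.8 ((Ubuntu) DAV/2)
3306/tcp open  mysql       MySQL 5.0.51a-3ubuntu5
"""

# Version banners to treat as known-vulnerable (assumed table; vsftpd 2.3.4
# is the service the tutorial exploits). A real inventory would be larger
# and maintained from a vulnerability feed.
KNOWN_VULNERABLE = {
    "vsftpd 2.3.4": "vsftpd 2.3.4 has a publicly known, wormable backdoor; "
                    "upgrade or remove the service",
}

# Protocols that carry credentials unencrypted (assumed set).
CLEARTEXT_SERVICES = {"ftp", "telnet"}

# Matches one row of nmap's port table: "21/tcp   open  ftp   vsftpd 2.3.4"
NMAP_PORT_LINE = re.compile(r"^(\d+)/(tcp|udp)\s+(\S+)\s+(\S+)\s*(.*)$")


def parse_nmap_services(text):
    """Return a list of dicts, one per port row, from nmap -sV normal output."""
    services = []
    for line in text.splitlines():
        m = NMAP_PORT_LINE.match(line)
        if not m:  # header, banner and summary lines are skipped
            continue
        port, proto, state, name, version = m.groups()
        services.append({
            "port": int(port),
            "proto": proto,
            "state": state,
            "service": name,
            "version": version.strip(),
        })
    return services


def triage(services):
    """Return (port, severity, note) findings for open services worth acting on."""
    findings = []
    for svc in services:
        if svc["state"] != "open":
            continue
        # Exact-prefix match on the banner keeps "vsftpd 2.3.4" from
        # matching a patched "vsftpd 2.3.4-patched" style string by accident
        # only if the vendor changes the banner; treat this as a first pass.
        for banner, note in KNOWN_VULNERABLE.items():
            if svc["version"].startswith(banner):
                findings.append((svc["port"], "critical", note))
        if svc["service"] in CLEARTEXT_SERVICES:
            findings.append((
                svc["port"], "medium",
                f"{svc['service']} is a cleartext protocol; credentials and "
                f"data cross the network unencrypted",
            ))
    return findings


if __name__ == "__main__":
    for port, severity, note in triage(parse_nmap_services(SAMPLE_NMAP_OUTPUT)):
        print(f"{port:>5}  {severity:<8}  {note}")
```

Run the script as-is to see the findings for the constructed sample; to use it on a real scan, pipe the saved `nmap -sV` output into `parse_nmap_services` instead of the sample string. The banner match is a first pass only: a version string is self-reported by the service and can be wrong, so confirmed findings should be cross-checked against the package actually installed on the host.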
Let's exploit the first service, ftp (vsftpd 2.3.4).
To search for available exploits, we use the "search" command in Metasploit:
search vsftpd 2.3.4
After we find the exploit we need, we have to select it. For that, we type the command "use (exploit name/location)".
To see what input it requires and what options are available, we use the command "show options".
The RHOST field is blank. RHOST is the Remote Host, that is, our target machine. We can set the target IP with the command "set":
set RHOST 192.168.x.x
Finally, we can execute our exploit using the command “run”.
Voila! We now have a shell!
Let's ask the target machine which user we are running as…
It responds by saying “root”.
Also, check the files by typing the “ls” command.
Congratulations! We’ve successfully exploited our first machine!