metasploit

“Metasploit Complete” series Part 1

Hii guyzzzz, welcome to Insec Lab kolkata. Sorry for the delay in posting updates as I was down with severe sickness, but now my machines are all up and running again ;-)p

Now lets start with a new series, called “Metasploit Complete“. Here in this “part 1”, we will be discussing some very basics of information security modules, which are very important for understanding and working with metasploit, which  is an extremely powerful tool yet very easy to control if modules are well explained.

What is a vulnerability?

A vulnerability is a security hole in a piece of software, hardware or operating system that provides a potential angle to attack the system. Not all vulnerabilities are dangerous and not all of them are exploitable. They can be often found in outdated applications, services or operating systems. Now that we understand what being exploitable means, what is an exploit itself?

What are exploits?

Exploits are highly specialized small programs, whose only purpose is to take advantage of a vulnerability and deliver a payload, which will grant attacker the control. Metasploit is a great tool that has a vast number of exploits. I will cover using some of them later on. So, if it’s purpose is to deliver a payload, what is payload?

What is a payload?

Payload is delivered by exploit and is used to control the remote system.Think of it this way: Exploit is like terrorist that is carrying a bomb in his backpack. He enters the system and leaves his backpack there. Most popular and widely known payload is meterpreter, that has a lot of features. With it you can Browse remote files, downlaod them, upload your own, capture keystrokes, take screenshots, open DOS, and pivot to another machine as well. Through meterpreter, you can pivot and attack machines in networks that are not your own. A payload mostly uses different kind of buffer overflow techniques, to overflow the general logic of the application, and inject its malicious code for execution.  What is buffer overflow?

Buffer Overflow

Buffer Overflow is a common method used to make exploits. How does it work?
Imagine a glass of water. You’re thirsty and you want to drink it. You keep pouring it into the glass, but at one point, the wine will have filled the glass and it will leak outside of it, on your carpet. This is exactly what buffer overflow is. It happens when a program or file writes data to a buffer and overflows it. It leaks into adjacent memory and overrides it. That way we get our malicious part to execute.

So, Now the most important thing, WHAT IS METASPLOIT????

What is Metasploit?

Metasploit and all of it’s exploits are written in Ruby. Metasploit has four interfaces.

  • MsfCli
  • MsfConsole
  • MsfGui
  • Armitage ( Optional, not packed with metasploit anymore!!! )

Thats Part 1 guyzzz, stay tuned tor Part 2 ……………..

 

 

 

 

 

Comments 1

  1. pk.das8357@gmail.com'

Leave a Reply

Your email address will not be published. Required fields are marked *