Metasploit. What the heck is it and how do I use it.

So, what is Metasploit?

Metasploit is a tool that is very useful for penetration testing as it automates a lot of the exploitation process.

Sounds cool. How do I use it?

Well first off, we have to install it, you can go and get it from here.

Once we have it installed we can launch the Metasploit Console by using $ msfconsole. Once we have it installed we can find the exploit we want to use.

To find the exploit we can use the search function in this example we will use CVE MS17-010 a.k.a EternalBlue. To find the exploit we will do the follow search Eternalblue. Once we have ran it it’ll tell us a name, Date, rank, check and description. if we read the exploit description it will tell us about the exploit. To use a exploit we will type use /exploit/path in this case it is use exploit/windows/smb/ms17_010_psexec

Once we have selected a exploit we must set some options, too see them we will use show options the two main ones we need to set is RHOST and RPORT, these are the Host and Port of the service/machine we are exploit. We run set RHOST (ip) and set RPORT (port). Once we have configured our exploit settings we need to select our payload we can do this by typing set PAYLOAD then hitting tab and it’ll show us all the payloads any one that has reverse_tcp is a good option usually.

Once we have everything configured we can run the exploit and (if) it works we get a meterpreter session. Once we have a session we can use all of the meterpreter commands, you can see them by using help, one of the easiest commands is sh which will give us a shell.