Metasploit has an up to date collection of vulnerability exploits and allows a user to execute them automatically without the need of programming knowledge. It comes by default on Kali Linux. With metasploit any attacker with basic knowledge can compromise any computer or mobile device in relatively easy way.  This can be used for knowledge of how to defend a linux system from hacking attacks.

Installing PostgreSQL

Metasploit depends on PostgreSQL for database connection, to install it on Debian/Ubuntu based systems run:

apt install postgresql

To download and install metasploit run:

curl https://raw.githubusercontent.com/rapid7/metasploit-omnibus/master/config/
templates/metasploit-framework-wrappers/msfupdate.erb > msfinstall && \
chmod 755 msfinstall && \
./msfinstall

After installation ends  to create the database run:

msfdb init

During the process you will be asked for a username or password, you can ignore the password, at the end you'll see the username you  assigned to the database, the password and token and below a URL https://localhost:5443/api/v1/auth/account , access it and login using the username and password.

To create the database and then run:

msfconsole

After launching metasploit type “db_status” to make sure the connection is working properly as shown in the image above.

Note: In case you find problems with the database, try the following commands:

service postgresql restart
service postgresql status
msfdb reinit
msfconsole

Make sure postgresql is running when checking it's status.

Getting started with metasploit, basic commands:

help
search
use
back
host
info
show options
set
exit

The command help will print the man page for metasploit, this command does not need description.

The command search is useful to find exploits, let's search for exploits against Microsoft, type “search ms”

It will show a list of Auxiliary Modules and Exploits helpful against Microsoft running devices.

An Auxiliary Module in Metasploit is an aiding tool, it adds features to metasploit such as brute force, scanning for specific vulnerabilities, target localization within a network, etc.

For this tutorial we don't have a real target for testing but we'll use an auxiliary module to detect camera devices and take snapshots. Type:

use post/windows/manage/webcam

As you see the module was chosen, now let's go back by typing “back” and type “hosts” to see the list of available targets.

The hosts list is empty, you can add one by typing:

hosts -a linuxhint.com

Replace linuxhint.com for the host you want to target.

Type hosts again and you'll see a new target added.

To get information on an exploit or module, select it and type “info”, run the following commands:

use exploit/windows/ssh/putty_msg_debug
info

The command info will provide information on the exploit and how to use it, additionally you can run the command “show options”, which will only show usage instructions, run:

show options

Type back and select a remote exploit, run:

use exploit/windows/smtp/njstar_smtp_bof
show options
set RHOSTS linuxhint.com
set target 0
exploit

 

Use the command set as in the image to define remote hosts (RHOSTS) , local hosts(LOCALHOSTS) and targets, each exploit and module has different information requirements.

Type exit  to leave the program getting the terminal back.

Obviously the exploit won't work because we are not targeting a vulnerable server, but that's the way in which metasploit works to carry out an attack. By following the steps above you can understand how basic commands are used.

You can also merge Metasploit with vulnerability scanners such as OpenVas, Nessus, Nexpose and Nmap. Just export the resuts of these scanners as XML and on Metasploit type

db_import  reporttoimport.XML

Type “hosts” and you'll see the hosts of the report loaded into metasploit.

This tutorial was a first introduction to Metasploit console use and it's basic commands. I hope you found it helpful to getting started with this potent software.

Keep following LinuxHint for more tips and updates on Linux.