Getting Started with Metasploit Modules: The Building Blocks of Exploitation


Metasploit Modules in Kali Linux

Metasploit modules are the main components of Metasploit. The Metasploit Project is a computer security project that provides information about security vulnerabilities and supports penetration testing.

The framework breaks down into the following module types:


1. Metasploit Exploit Modules

Exploit modules are pieces of code within the framework's database that are run against a victim’s computer. With them, the attacker attempts to leverage a vulnerability on the local or remote system so that a payload module, such as the Meterpreter shell, can be delivered.

1.1 Post:

Metasploit post-exploitation modules permit penetration testers to collect data from compromised machines, including hashes, tokens, provision passwords, and a great deal more.

2. Auxiliary Modules

Unlike exploit modules, auxiliary modules do not require a payload to run. These types of modules include useful programs such as scanners, fuzzers, and SQL injection tools. Penetration testers use the plethora of scanners in the auxiliary directory to gather a deep understanding of the system to be attacked and then transition to exploit modules.

3. Metasploit Payload Modules

While using an exploit against a vulnerable machine, a payload is generally attached to the exploit before its execution. The payload contains the set of instructions that the victim’s computer is to carry out after the compromise. Payloads come in many different flavors and can range from a few lines of code to small applications such as the Meterpreter shell. One should not just automatically jump to the Meterpreter shell. Metasploit contains over 200 different payloads.

3.1 Bind Shells

These types of shells lie dormant and listen for an attacker to connect or send instructions. Bind shells are not a good choice for victim machines that sit behind a firewall when the tester has no direct network access to the machine.

3.2 Reverse Shells

Reverse shells call home to the security tester for immediate instruction and interaction. If the compromised machine executes the exploit with a reverse payload, then a tester will be presented with a shell to access the machine as if they were sitting at the keyboard on the victim’s machine.

3.3 Meterpreter Shell

The Meterpreter shell, a special type of shell, is the bread and butter of Metasploit. The Meterpreter shell can be added as a payload that is either a bind shell or reverse shell.

4. Listeners Metasploit modules

Listeners are specific handlers within the Metasploit framework that interact with the sessions established by payloads. The listener can either be embedded in a bind shell and sit waiting for a connection, or actively sit listening for incoming connections on the security tester’s computer.
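
A defender's view of the bind and reverse shell directions described above, as an added example that is not part of the original article: it labels flow records by which side opened the connection and shows which firewall policy stops each kind. The hosts, ports, baseline and the default-deny inbound firewall model are constructed assumptions.

```ruby
# Constructed flow records: src opened a TCP connection to dst on dport.
FLOWS = [
  { src: "203.0.113.7", dst: "10.0.5.20",    dport: 443  }, # client to web server
  { src: "203.0.113.7", dst: "10.0.5.20",    dport: 4444 }, # inbound to an unknown port
  { src: "10.0.5.20",   dst: "10.0.9.3",     dport: 5432 }, # web server to its database
  { src: "10.0.5.20",   dst: "198.51.100.9", dport: 4444 }  # server calls out
].freeze

# Hypothetical baseline: ports each monitored host is expected to listen on,
# and the (destination, port) pairs it is expected to contact.
BASELINE = {
  "10.0.5.20" => { listen: [443],  egress: [["10.0.9.3", 5432]] },
  "10.0.9.3"  => { listen: [5432], egress: [] }
}.freeze

# Bind-style: something connects IN to a port the host should not be serving.
# Reverse-style: the host connects OUT to a destination it has no reason to reach.
def classify(flow)
  dst = BASELINE[flow[:dst]]
  src = BASELINE[flow[:src]]
  return :bind_style if dst && !dst[:listen].include?(flow[:dport])
  return :reverse_style if src && !src[:egress].include?([flow[:dst], flow[:dport]])
  :expected
end

# Assumed policy model: inbound is default-deny except baseline listen ports,
# so bind-style flows never arrive. Reverse-style flows are only stopped when
# outbound traffic is filtered against the egress baseline as well.
def firewall_verdict(flow, egress_filtering:)
  case classify(flow)
  when :bind_style    then :blocked
  when :reverse_style then egress_filtering ? :blocked : :allowed
  else :allowed
  end
end

FLOWS.each do |f|
  puts format("%-12s -> %-13s:%-5d %-14s no-egress-filter=%s egress-filter=%s",
              f[:src], f[:dst], f[:dport], classify(f),
              firewall_verdict(f, egress_filtering: false),
              firewall_verdict(f, egress_filtering: true))
end
```

The output shows why an inbound-only firewall is enough against a bind-style connection, while an unexpected outbound connection is only caught when egress is restricted and monitored too.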

5. Shellcode

The shellcode is the delivery system that actually generates the hole, uploads malicious code, and executes the commands inside the payload to generate a shell, hence the name shellcode. Not all payloads contain shellcode. For example, the payload “windows/adduser” is just a series of commands aimed at generating a user or an administrative account on a Windows platform.

6. Encoders

Encoding shellcode is critical to reliable exploitation because the shellcode you create may contain bad characters, such as null bytes. Either the transmission protocol or the end application might be sensitive to these “bad characters”, which can break your shellcode in different ways. Bad characters can, for the most part, be eliminated by encoding the payload.

If you are using shellcode that ships with the Metasploit framework, you don’t need to focus on shellcode encoding. Metasploit encodes the shellcode for you when you use it as part of the exploit.

In many situations, however, you will be using your own shellcode as part of an exploit, and then that shellcode must be free of bad characters.

7. Nops

In low-level (assembly) language, NOP is short for No Operation. On x86 chips it is most commonly referred to as 0x90. When a processor loads that instruction, it does nothing (at least nothing useful) for one cycle and then advances to the next instruction.
