MODULE 13:- Metasploit Framework
- 6 Metasploit Modules – You should know
- MSFvenom replacement of MSFpayload and msfencode – Full guide
- 6 Techniques to analyze the vulnerability scan report in Metasploit
- How to use Metasploit for vulnerability scanning
- How to use metasploit pro in Kali Linux
- Creating Persistent Backdoor By Metasploit in Kali Linux
- Creating Trojan Horse (Encoded)By Using Msfpayload
Metasploit Modules in Kali Linux
Metasploit modules are main components of Metasploit. The Metasploit Project is a computer security extend that gives data about security vulnerabilities and supports in penetration testing.
The Framework breaks down into the module sorts:
1. Exploit Modules
2. Auxiliary Modules
1. Exploit Modules
Exploit modules are pieces of code within the database that when running on a victim computer. he attacker will attempt to leverage a vulnerability on the local or remote system compromising the payload module such as Meterpreter shell.
Metasploit post exploits modules permit Penetration tester to collect data from compromised machines, including hashes, tokens, provision passwords and a great deal more.
2. Auxiliary Modules
Auxiliary modules do not require the use of a payload to run like exploit modules. These types of modules include useful programs such as scanners, fuzzier, and SQL injection tools. Penetration testers use the plethora of scanners in the auxiliary directory to gather a deep understanding of the system to be attacked and then transition to exploit modules.
While using an exploit against a vulnerable machine, a payload is generally attached to the exploit before its execution. The payload contains the set of instructions that the victim’s computer is to carry out after compromise. Payloads come in many different flavors and can range from a few lines of code to small applications such as the Meterpreter shell. One should not just automatically jump to the Meterpreter shell. Metasploit contains over 200 different payloads
These types of shell lay dormant and listen for an attacker to connect or send instructions. Bind shells are not a good choice for victim machines that are behind a firewall that does not have direct network access to the machine.
Reverse shells call home to the security tester for immediate instruction and interaction. If the compromised machine executes the exploit with a reverse payload, then a tester will be presented with a shell to access the machine an if they were sitting at the keyboard on the victim’s machine.
The Meterpreter shell, a special type of shell, is the bread and butter of Metasploit. The Meterpreter shell can be added as a payload that is either a bind shell or reverse shell.
Listeners are specific handlers within the Metasploit framework that interact with the sessions established by payloads. The listener can either be embedded in a bind shell and sit waiting for a connection or actively sit listening for incoming connection on the security tester’s computer.
The shellcode is the delivery system inside that actually generates the hole, uploads malicious code, and executes the commands inside of the payload to generate a shell hence the name, shellcode. Not all payloads contain shellcode. For example, the payload, “windows/adduser” is just a series of commands aimed at generating a user or an administrative account on a windows platform.
Encoding of shell code is critical continuously exploitation b’coz,when you make a shell code that shell code may hold some bad characters, null bytes.either the transmission protocol or the end application might be touchy to “bad characters” which can break your shellcode up different ways. bad characters can, for the most part, be killed by encoding the payload.
In the event that you are utilizing shell code introduce within the Metasploit framework, dontthen don’tneed to focus on shell code encoding.metasploit of course encode the shell code when you are utilizing as a part of the misuse.
Yet in numerous circumstance when you are utilizing your own particular shell code as a part of shelcod then the shell code must be bad character free.
In low level language (assembly language), NOP is short for No Operation. This is most prevalently referred to for x86 chips as 0x90. At the point when a processor stacks that instruction, it basically does nothing (in any event helpful) for the one cycle and afterward progresses the register to the next instruction.