Metasploit Overview (Part1) – All things in moderation

Metasploit Overview (Part1)

About tutorial

Table of contents
  1. Introduction to Metasploit
  2. Architecture, environment and installation
  3. References

1. Introduction to Metasploit

The Metasploit Framework (MSF) is an open-source tool that gives security researchers a framework for
developing exploits, payloads, payload encoders, and tools for reconnaissance and other security
testing purposes. Although it started off as a collection of exploits and provided the
ability for large chunks of code to be re-used across different exploits, in its current form it
provides extensive capabilities for the design and development of reconnaissance, exploitation,
and post-exploitation security tools.

The MSF was originally written in the Perl scripting language and included various
components written in C, assembler, and Python. The project core was dual-licensed under
the GPLv2 and Perl Artistic Licenses, allowing it to be used in both open-source and commercial
projects. However, the 3.0 version of the product is now completely rewritten in Ruby and comes with a wide variety of APIs.


2. Architecture and installation

2.1 Architecture


[Figure: Metasploit architecture]
The main components of the framework architecture are:
1. REX
Rex is the most fundamental component of the entire framework architecture. Rex stands
for Ruby Extension Library, and has quite a few similarities with the Perl Rex library in the
2.x series. The Rex library essentially is a collection of classes and modules that can be used
by developers to develop projects or tools around the MSF. A more detailed description of
these classes is available in the Metasploit developer's guide.
* The basic library for most tasks
* Handles sockets, protocols, text transformations, and others
* SSL, SMB, HTTP, XOR, Base64, Unicode
2. Framework Core
The framework core consists of various subsystems such as module management, session
management, event dispatching, and others. The core also provides an interface to the modules
and plugins with the framework. Following the object-oriented approach of the entire
architecture, the framework itself is a class, which can be instanced and used as any other
object. The framework core consists of:
* Datastore
* Event Notifications
* Framework Managers
3. Framework Base
The framework base is built on top of the framework core and provides interfaces to make it
easier to deal with the core. Some of these are:
* Configuration: Maintaining a persistent configuration and obtaining information
  about the structure of an installation, such as the root directory of the installation,
  and other attributes.
* Logging: As mentioned earlier, the MSF provides extensive and flexible logging
  support.
* Sessions: The base maintains information about and controls the behavior of user
  sessions.
4. Interfaces
The framework user interfaces allow the user to interact with the framework. These are typically
the msfconsole command-line interactive interface, the msfcli command-line non-interactive
interface, and the msfweb Web-based interface, plus a REST API in the Pro version.
5. Modules
* Exploits
  * Defined as modules that use payloads
  * An exploit without a payload is an Auxiliary module
* Payloads, NOP generators, Encoders
  * Payloads consist of code that runs remotely
  * Encoders ensure that payloads make it to their destination
  * Nops keep the payload sizes consistent
* Auxiliary Modules
Plugins
This is a new concept with the 3.0 version of the MSF. As compared with modules, plugins
are designed to change the framework itself. Again, it is the introduction of plugins that
enhances the utility of the framework as a security tool development platform.

2.2 File system and libraries

[Figure: Metasploit's file system and libraries]
* data: editable files used by Metasploit
* documentation: provides documentation for the framework
* external: source code and third-party libraries
* lib: the 'meat' of the framework code base
* modules: the actual MSF modules
* plugins: plugins that can be loaded at run-time
* scripts: Meterpreter and other scripts
* tools: various useful command-line utilities

2.3 Installation

There are many ways to install Metasploit:
– Use it directly if you are using Kali Linux
– Install from the .run file (Linux); see the guide to installing Metasploit
– Install from source (not recommended); you must first set up the environment for Metasploit (Ruby, PostgreSQL, Nmap)
– Install using Docker. In this tutorial I will guide you through installing Metasploit with Docker:
First, install Docker.
Then run the commands below:

       docker pull ubuntu
       sudo docker run -it ubuntu bash

Once you are inside the Ubuntu container, download the Metasploit installer with the command below:

Now install Metasploit normally:

 chmod +x metasploit-latest-linux-x64-installer.run
 ./metasploit-latest-linux-x64-installer.run
 msfconsole

The installation completes successfully.

IMPORTANT: you must commit the container to save the installation.

docker commit container_id tag 
example: sudo docker commit 334dsfdb ubuntu/metasploit

Done.
Next time you want to run it:

sudo docker run -it ubuntu/metasploit bash
service metasploit start
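
The installation step above makes a downloaded .run file executable and runs it inside the container. As an added example (not part of the original tutorial), these shell functions set the execute bit only after the file's SHA-256 matches a digest obtained from the vendor; the function names are hypothetical and the expected digest is a value you must supply, since the page does not give one.

```shell
# Added example: gate the installer on a SHA-256 match before it can run.
# The expected digest must come from the vendor's published checksum (not on this page).

# normalize_digest HEX: print the digest in lowercase; fail unless it is 64 hex chars.
normalize_digest() {
    local d
    d=$(printf '%s' "$1" | tr 'A-F' 'a-f')
    case "$d" in
        ''|*[!0-9a-f]*) return 1 ;;
    esac
    [ "${#d}" -eq 64 ] || return 1
    printf '%s\n' "$d"
}

# verify_installer FILE EXPECTED_SHA256
# Returns 0 on match, 1 on mismatch, 2 on bad input (missing file, malformed digest).
verify_installer() {
    local file expected actual
    file=$1
    [ -f "$file" ] || { echo "missing file: $file" >&2; return 2; }
    expected=$(normalize_digest "$2") || { echo "malformed digest" >&2; return 2; }
    actual=$(sha256sum -- "$file" | cut -d' ' -f1)
    if [ "$actual" != "$expected" ]; then
        echo "checksum mismatch for $file" >&2
        echo "  expected $expected" >&2
        echo "  actual   $actual" >&2
        return 1
    fi
}

# install_if_verified FILE EXPECTED_SHA256
# Only a verified file gets the execute bit and is started.
install_if_verified() {
    verify_installer "$1" "$2" || return $?
    chmod +x -- "$1" || return $?
    case "$1" in
        */*) "$1" ;;      # path given: run it as is
        *)   "./$1" ;;    # bare name: run from the current directory
    esac
}
```

Inside the container, call `install_if_verified metasploit-latest-linux-x64-installer.run "$EXPECTED_SHA256"` in place of the chmod and ./ lines; a return code of 1 means the file did not match and was left non-executable.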

3. References

https://www.offensive-security.com/metasploit-unleashed/
https://repo.zenk-security.com/Metasploit/Metasploit%20Toolkit.pdf
