METASPLOIT
THE METASPLOIT FRAMEWORK IS AN OPEN SOURCE PENETRATION TESTING TOOL
USED FOR DEVELOPING AND EXECUTING EXPLOIT CODE AGAINST A
REMOTE TARGET MACHINE. THE METASPLOIT FRAMEWORK HAS THE
WORLD’S LARGEST DATABASE OF PUBLIC, TESTED EXPLOITS.
METASPLOIT
Architecture
METASPLOIT ARCHITECTURE
- FILESYSTEM AND LIBRARIES
Metasploit Filesystem
The MSF filesystem is laid out in an intuitive manner and is organized by directory.
• data: editable files used by Metasploit
• documentation: provides documentation for the framework
• external: source code and third-party libraries
• lib: the ‘meat’ of the framework code base
• modules: the actual MSF modules
• plugins: plugins that can be loaded at run-time
• scripts: Meterpreter and other scripts
• tools: various useful command-line utilities
Metasploit Libraries
The MSF libraries help us to run our exploits without having to write additional code for
rudimentary tasks, such as HTTP requests or encoding of payloads.
METASPLOIT ARCHITECTURE
- MODULES AND LOCATIONS
Exploits
• Defined as modules that use payloads
• An exploit without a payload is an Auxiliary module
Payloads, Encoders, Nops
• Payloads consist of code that runs remotely
• Encoders ensure that payloads make it to their destination
• Nops keep the payload sizes consistent
Primary Module Tree
• Located under /usr/share/metasploit-framework/modules/
User-Specified Module Tree
• Located under ~/.msf4/modules/
• This location is ideal for private module sets
Loading Additional Module Trees
Metasploit gives you the freedom to load modules either at runtime or after msfconsole has already been
started. Pass the -m option when running msfconsole to load at runtime:
If you need to load additional modules after runtime, use the Metasploit loadpath
command from within msfconsole:
METASPLOIT ARCHITECTURE
Metasploit Object Model
In the Metasploit Framework, all modules are Ruby classes.
• Modules inherit from the type-specific class.
• The type-specific class inherits from the Msf::Module class.
• There is a shared common API between modules.
Payloads are slightly different:
• Payloads are created at runtime from various components.
• They glue together stagers with stages.
METASPLOIT FUNDAMENTALS
Msfconsole interface
The msfconsole is probably the most popular interface to the Metasploit Framework (MSF). It provides an
“all-in-one” centralized console and allows you efficient access to virtually all of the options available in the MSF.
Msfconsole may seem intimidating at first, but once you learn the syntax of the commands you will learn to
appreciate the power of utilizing this interface.
Launching msfconsole
The -q option removes the launch banner by starting
msfconsole in quiet mode.
Active Exploits
Active exploits will exploit a specific host, run until
completion, and then exit.
Brute-force modules will exit when a shell opens from
the victim.
Module execution stops if an error is encountered.
You can force an active module to the background by
passing ‘-j’ to the exploit command.
Passive Exploits
Passive exploits wait for incoming hosts and exploit them
as they connect.
Passive exploits almost always focus on clients such as
web browsers, FTP clients, etc.
They can also be used in conjunction with email exploits,
waiting for connections.
Passive exploits report shells as they happen; the shells can be
enumerated by passing ‘-l’ to the sessions command.
Passing ‘-i’ will interact with a shell.
IN SHORT
Vulnerability - A weakness which allows an attacker to break into or compromise a system’s security.
Like the main gate of a house with a weak lock (easily opened) or a glass window of a house (easily
broken), vulnerabilities in a system make it easy for an attacker to break in.
Exploit - Code which allows an attacker to take advantage of a vulnerable system.
The set of different keys which he can try one by one to open the lock, or the hammer he can use to
break the glass window, are the exploits.
Payload - The actual code which runs on the system after exploitation.
Finally, after exploiting the vulnerability and breaking in, he can do different things:
steal money, destroy things, or just take a look and leave. Deciding this
is what we mean by setting the Payload.
What Does Payload Mean?
A payload in Metasploit refers to an exploit module.
There are three different types of payload modules in the Metasploit Framework: Singles, Stagers, and Stages.
Whether or not a payload is staged is represented by ‘/’ in the payload name. For example,
“windows/shell_bind_tcp” is a single payload with no stage, whereas “windows/shell/bind_tcp” consists of a stager
(bind_tcp) and a stage (shell).
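As an added example (not from the slides or the Metasploit project), a Ruby function that applies this naming rule: it splits a payload name into platform, stage and stager, and treats architecture tokens such as x64 as part of the platform prefix rather than as a stage. The token list is an assumption constructed for the example, and the cmd/unix family of single payloads, which does not follow the slash rule, is out of scope.

```ruby
# Added example: classify a Metasploit payload name as single or staged
# from its path segments, following the rule that an extra '/' after the
# platform prefix separates a stage from its stager.
# Assumption (constructed for this example): these tokens name an
# architecture and belong to the platform prefix, e.g. windows/x64/...
ARCH_TOKENS = %w[x86 x64 aarch64 armle mipsle mipsbe ppc].freeze

# Returns a hash describing the payload name:
#   "windows/shell_bind_tcp" -> { kind: :single, payload: "shell_bind_tcp", ... }
#   "windows/shell/bind_tcp" -> { kind: :staged, stage: "shell", stager: "bind_tcp", ... }
def classify_payload(name)
  segments = name.split("/")
  raise ArgumentError, "payload name needs a platform prefix: #{name}" if segments.size < 2

  # Platform prefix: first segment plus any architecture tokens that follow it,
  # as long as at least one segment remains for the payload itself.
  platform = [segments.shift]
  platform << segments.shift while segments.size > 1 && ARCH_TOKENS.include?(segments.first)

  case segments.size
  when 1
    # No further '/': a self-contained single payload.
    { kind: :single, platform: platform.join("/"), payload: segments[0] }
  when 2
    # Stage (what is delivered, e.g. shell or meterpreter) precedes the
    # stager (the transport that fetches it, e.g. bind_tcp or reverse_tcp).
    { kind: :staged, platform: platform.join("/"), stage: segments[0], stager: segments[1] }
  else
    raise ArgumentError, "unrecognised payload layout: #{name}"
  end
end

if __FILE__ == $PROGRAM_NAME
  %w[windows/shell_bind_tcp windows/shell/bind_tcp
     windows/x64/meterpreter/reverse_tcp linux/x86/shell_reverse_tcp].each do |n|
    p classify_payload(n)
  end
end
```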
Singles
Singles are payloads that are self-contained and completely standalone. A Single payload can be
something as simple as adding a user to the target system or running calc.exe.
Stagers
Stagers set up a network connection between the attacker and victim and are designed to be small and reliable.
It is difficult to always do both of these well so the result is multiple similar stagers. Metasploit will use the best
one when it can and fall back to a less-preferred one when necessary.
Stages
Stages are payload components that are downloaded by Stager modules. The various payload stages provide
advanced features with no size limits such as Meterpreter, VNC Injection, and the iPhone ‘ipwn’ Shell.
What is Meterpreter?
Meterpreter is an advanced, dynamically extensible payload that uses in-memory DLL injection stagers and
is extended over the network at runtime. It communicates over the stager socket and provides a
comprehensive client-side Ruby API. It features command history, tab completion, channels, and more.
Meterpreter was originally written by skape for Metasploit 2.x; common extensions were merged for 3.x, and it is
currently undergoing an overhaul for Metasploit 3.3. The server portion is implemented in plain C and is now
compiled with MSVC, making it somewhat portable. The client can be written in any language, but Metasploit
has a full-featured Ruby client API.
AFTER GATHERING INFORMATION ABOUT THE
TARGET SYSTEM
1. SELECT THE RIGHT EXPLOIT AND THEN SET THE TARGET.
• VERIFY THE EXPLOIT OPTIONS TO DETERMINE WHETHER THE TARGET SYSTEM IS VULNERABLE TO THE
EXPLOIT.
• SELECT A PAYLOAD.
• EXECUTE THE EXPLOIT.
Metasploitable
METASPLOITABLE IS A PURPOSEFULLY VULNERABLE UBUNTU 8.04 IMAGE THAT IS
RUNNING SEVERAL UNPATCHED SERVICES. METASPLOITABLE IS A GREAT PLATFORM TO
PRACTICE AND DEVELOP YOUR PENETRATION TESTING SKILLS ON LINUX.
Thank you