Basics and Demo of Metasploit
What can Metasploit do?
● Intelligence Gathering
● Threat Modeling
● Vulnerability Analysis
● Exploitation
● Post Exploitation
● Reporting
Terminology
● Exploit - An exploit is the means by which an attacker, or pen tester for that
matter, takes advantage of a flaw within a system, an application, or a service.
An attacker uses an exploit to attack a system in a way that results in a particular
desired outcome that the developer never intended. Common exploits include
buffer overflows, web application vulnerabilities, and configuration errors.
● Payload - A payload is code that we want the system to execute and that is to be
selected and delivered by the Framework. For example, a reverse shell is a
payload that creates a connection from the target machine back to the attacker
as a Windows command prompt, whereas a bind shell is a payload that “binds” a
command prompt to a listening port on the target machine, to which the attacker
can then connect. A payload could also be something as simple as a few
commands to be executed on the target operating system.
Terminology
● Shellcode - Shellcode is a set of instructions used as a payload when
exploitation occurs. Shellcode is typically written in assembly language. In most
cases, a command shell or a Meterpreter shell will be provided after the series of
instructions have been performed by the target machine, hence the name.
● Module - A module is a piece of software that can be used by the Metasploit
Framework. For example, an exploit module conducts the attack, while auxiliary
modules perform supporting actions such as scanning or system enumeration.
● Listener - A listener is a component within Metasploit that waits for an incoming
connection of some sort. For example, after the target machine has been
exploited, it may call the attacking machine over the Internet. The listener
handles that connection, waiting on the attacking machine to be contacted by the
exploited system.
Metasploit Interfaces
These are the consoles from which the attacker performs all the actions.
● MSFconsole
● MSFcli
● Armitage
Metasploit Utilities
These are standalone tools that ship with the Framework and complement the console.
● MSFpayload - generate shellcode
● MSFencode - encode the payload to remove null characters and to hinder detection by an IDS
● Nasm Shell - for assembly code
● MSFvenom - combines both msfpayload and msfencode (and has since replaced them)
Metasploit Architecture
Libraries
● Rex: the basic library for performing most tasks. It handles sockets and
different types of protocols.
● MSF Core: provides the basic API and defines the Metasploit Framework.
● MSF Base: provides the friendly API, i.e. simplified APIs for use in the
framework.
Useful Commands while using MSFconsole
1) back - go back from the current exploit or module.
2) connect - connect to a host; the host IP address and port number are given along with this command.
3) irb - drop into an irb (interactive Ruby) shell, from which one can write one's own Ruby scripts against the framework.
4) info - display the full information about the selected exploit.
5) load - load plugins into Metasploit.
6) search - search for a specific exploit or module; this is the quickest way to find any module.
7) use - select a specific exploit.
8) set and unset - set (and clear) module variables; with these we choose our payload and set the IP address.
Using the command: search reverse_tcp
Exploiting Android with Metasploit
1) We will be using msfvenom to generate the android/meterpreter/reverse_tcp payload.
2) We will use msfconsole to set up the listener.
3) We should switch on port forwarding.
Creating the payload
Firing up msfconsole
● To fire up msfconsole, just type msfconsole in the terminal.
● Use the listener as multi/handler.
● Then set the payload as android/meterpreter/reverse_tcp.
● On “show options” you will get details of the payload.
Enable Port Forwarding
Use the nano editor to edit the file.
Change the existing 0 to 1.
Setting the Listener’s IP and exploiting
1) The payload has been sent to the victim’s android phone and executed.
2) Then the exploit command is executed.
3) We get a reverse connection from the phone.
4) This connection provides us with the meterpreter shell.
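Before typing exploit, the “show options” table is where you confirm that every required option (LHOST in particular) is actually set. The script below, an added example that is not part of the slides, parses that table from msfconsole output and lists the required options that are still empty; the sample text is constructed to mirror the layout for multi/handler with android/meterpreter/reverse_tcp.

```python
# Added example (not from the slides): parse msfconsole "show options" output and
# report required options that are still unset. The sample text is constructed
# to mirror the layout of exploit/multi/handler with android/meterpreter/reverse_tcp;
# only "Module options"/"Payload options" tables are handled, not "Exploit target".
import re

SAMPLE_SHOW_OPTIONS = """\
Module options (exploit/multi/handler):

   Name  Current Setting  Required  Description
   ----  ---------------  --------  -----------


Payload options (android/meterpreter/reverse_tcp):

   Name   Current Setting  Required  Description
   -----  ---------------  --------  -----------
   LHOST                   yes       The listen address (an interface may be specified)
   LPORT  4444             yes       The listen port
"""

SECTION_RE = re.compile(r"^(Module|Payload) options \((?P<name>[^)]+)\):")

def parse_show_options(text):
    """Return {section_name: {option: (value, required)}} from msfconsole output.

    Column boundaries are taken from the dashed underline row, because values
    and descriptions contain spaces and column widths differ between tables.
    """
    sections, current, cols = {}, None, None
    for line in text.splitlines():
        m = SECTION_RE.match(line)
        if m:
            current, cols = m.group("name"), None
            sections[current] = {}
            continue
        if current is None or not line.strip():
            continue
        if line.lstrip().startswith("----"):
            # the start of each dash run is the left edge of a column
            cols = [d.start() for d in re.finditer(r"-+", line)]
            continue
        if cols is None:  # header row (no underline seen yet) is skipped
            continue
        edges = cols + [len(line)]
        fields = [line[edges[i]:edges[i + 1]].strip() for i in range(len(cols))]
        sections[current][fields[0]] = (fields[1], fields[2].lower() == "yes")
    return sections

def missing_required(sections):
    """List 'section/OPTION' for every required option whose value is empty."""
    return [f"{sec}/{opt}" for sec, opts in sections.items()
            for opt, (val, req) in opts.items() if req and not val]
```

Running missing_required(parse_show_options(SAMPLE_SHOW_OPTIONS)) on the sample flags android/meterpreter/reverse_tcp/LHOST, which is exactly the value that has to be set to the listener's IP in the next step.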
Streaming a webcam
Getting phone location
Dumping Call Logs
Getting IP, network routes and current working directory
Uploading a file to the phone
Downloading a file from the phone
Thank You
~Arpit

Metasploit - Basic and Android Demo