METASPLOIT


Introduction
Metasploit is a computer security project, also known as open source Metasploit. It provides information about security vulnerabilities and aids in penetration testing and IDS (Intrusion Detection System) signature development. It is a widely used tool for developing and executing exploit code against a remote target machine.

Jargons in the world..


Exploit
It is a means by which a tester takes advantage of a flaw in a service or application within a system. It results in an outcome that is unintended from the developer's view (of the application) but desired from the attacker's view.

Payload
Payload is the code, selected and delivered by the framework, that is executed on the target machine. For example, a reverse shell is a payload that establishes a connection between the target machine and the attacker's machine.

Module
It is a piece of software used by the Metasploit framework. An exploit module conducts the attack. An auxiliary module serves the purpose of scanning the machine or enumerating the system. The modules are the core that makes Metasploit so powerful.

Metasploit interfaces
Metasploit has three interfaces that provide varied environments to the user for exploitation. These are:
- MSFconsole
- MSFcli
- Armitage

MSFconsole is the most widely used Metasploit interface and is the most flexible and feature-rich. It is highly popular, being a handy all-in-one interface.
MSFcli is an interface through which exploits can be run on the target machine directly from the command line.
Armitage is a graphical user interface.

Supporting tools..
Nmap
It is a security scanner used to discover hosts and services on a computer network. It is a very powerful tool that can find:
- whether a host is up or down, and for how long
- which ports are open and closed
- the operating system on the host

Netstat
It is a command-line tool that displays network connections. It is used for finding problems in the network and for determining the amount of traffic on the network as a performance measurement. The command is also used to determine the IP address of a machine through the established connection between the sender's and receiver's machines when a file transmission or any other communication is happening.
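Because a reverse shell payload shows up as an established connection from the target to the attacker's machine, the netstat listing is a natural place for a defender to look for it. The following is an added example, not part of the original slides: it parses constructed Windows `netstat -ano` output and flags outbound connections to hosts outside the internal network on unexpected ports. The internal range, the port allow-list and the function names are assumptions made for the illustration.

```python
import ipaddress

# Constructed sample of Windows `netstat -ano` output (not from the original page).
SAMPLE = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       904
  TCP    10.0.0.15:49712        10.0.0.2:445           ESTABLISHED     4
  TCP    10.0.0.15:49801        203.0.113.50:443       ESTABLISHED     2312
  TCP    10.0.0.15:49822        198.51.100.7:4444      ESTABLISHED     5120
  TCP    10.0.0.15:3389         10.0.0.9:51544         ESTABLISHED     1100
  UDP    0.0.0.0:5353           *:*                                    1788
"""

# Assumptions for this illustration: the site's internal range and allowed outbound ports.
INTERNAL_NET = ipaddress.ip_network("10.0.0.0/8")
EXPECTED_REMOTE_PORTS = {53, 80, 443, 445}
EPHEMERAL_START = 49152  # default start of the dynamic port range on modern Windows


def split_endpoint(endpoint):
    """Split 'addr:port' (IPv4 or bracketed IPv6) into (addr, port)."""
    addr, _, port = endpoint.rpartition(":")
    return addr.strip("[]"), int(port)


def parse_established(text):
    """Yield a dict for each ESTABLISHED TCP row of netstat -ano output."""
    for line in text.splitlines():
        fields = line.split()
        if len(fields) != 5 or fields[0] != "TCP" or fields[3] != "ESTABLISHED":
            continue  # headers, LISTENING rows and UDP rows are skipped
        (laddr, lport), (raddr, rport) = split_endpoint(fields[1]), split_endpoint(fields[2])
        yield {"laddr": laddr, "lport": lport, "raddr": raddr, "rport": rport, "pid": int(fields[4])}


def suspicious_outbound(text, expected_ports=EXPECTED_REMOTE_PORTS):
    """Return outbound connections to external hosts on unexpected remote ports."""
    hits = []
    for c in parse_established(text):
        # Outbound: this host used an ephemeral port, the peer a service port.
        outbound = c["lport"] >= EPHEMERAL_START and c["rport"] < EPHEMERAL_START
        external = ipaddress.ip_address(c["raddr"]) not in INTERNAL_NET
        if outbound and external and c["rport"] not in expected_ports:
            hits.append(c)
    return hits


if __name__ == "__main__":
    for hit in suspicious_outbound(SAMPLE):
        print("review PID %(pid)d: %(laddr)s:%(lport)d -> %(raddr)s:%(rport)d" % hit)
```

The PID column from `-ano` is what lets a responder tie a flagged connection back to the owning process.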

Meterpreter
It is a post-exploitation tool. It makes extracting information and further compromising systems much easier. Meterpreter is an extension to Metasploit that allows us to leverage Metasploit's functionality and further compromise a target. Some of its functionality includes covering tracks, residing purely in memory, dumping hashes, accessing the operating system and pivoting.

Meterpreter commands
There are various commands available in Meterpreter that help us keep a strong grip on the target machine. Some of them are:
- run killav (kills antivirus programs)
- run checkvm (checks whether the machine is virtual)
- download and upload (download the specified file from, or upload it to, the remote host machine)
- hashdump (dumps the contents of the SAM database)

Exploits
