Assignment 3 - Ethical Hacking Tool-Metasploit 1

Uploaded by

Reena Gharat

Aim: Case Study on Ethical Hacking Tool: Metasploit

With cybercrime at an all-time high, it is more important than ever to learn how to
apply security in the business world. Penetration testing allows businesses to evaluate
the overall security of their IT infrastructure. Metasploit is one of the best
penetration testing frameworks; it helps a business find and shore up
vulnerabilities in its systems before hackers exploit them. To put it simply,
Metasploit allows hacking with permission.

Throughout this article, we will explore what Metasploit is, what Meterpreter is,
what the Metasploit Framework is, the basics of using the Metasploit Framework, and
the modules it includes.

A Brief History of Metasploit

Metasploit was conceived and developed by H D Moore in October 2003 as a Perl-based
portable network tool for the creation and development of exploits. By 2007,
the framework was entirely rewritten in Ruby. In 2009, Rapid7 acquired the
Metasploit project, and the framework gained popularity as an emerging
information security tool to test the vulnerability of computer systems. Metasploit
4.0 was released in August 2011 and includes tools that discover software
vulnerabilities, besides exploits for known bugs.

What Is Metasploit, and How Does It Work?

Metasploit is the world’s leading open-source penetration testing framework, used by
security engineers as a penetration testing system and as a development platform that
allows them to create security tools and exploits. The framework makes hacking simple
for both attackers and defenders.

The various tools, libraries, user interfaces, and modules of Metasploit allow a user
to configure an exploit module, pair it with a payload, point it at a target, and
launch it at the target system. Metasploit’s large and extensive database houses
hundreds of exploits and several payload options.

A Metasploit penetration test begins with the information gathering phase, wherein
Metasploit integrates with various reconnaissance tools like Nmap, SNMP scanning,
Windows patch enumeration, and Nessus to find the vulnerable spot in your
system. Once the weakness is identified, choose an exploit and payload to
penetrate the chink in the armor. If the exploit is successful, the payload gets
executed at the target, and the user gets a shell to interact with the payload. One of
the most popular payloads to attack Windows systems is Meterpreter, an
in-memory-only interactive shell. Once on the target machine, Metasploit offers
various exploitation tools for privilege escalation, packet sniffing, pass the hash,
keyloggers, screen capture, plus pivoting tools. Users can also set up a persistent
backdoor in case the target machine gets rebooted.

The extensive features available in Metasploit are modular and extensible, making
it easy to configure as per every user requirement.

Metasploit has three editions available:

• Metasploit Pro
• Metasploit Community
• Metasploit Framework

For this article, we’ll be using the Metasploit Framework edition.

Various components of Metasploit

1. Auxiliaries
Auxiliaries are the modules that make Metasploit so easy to work with. A
Metasploit auxiliary is nothing but a specific piece of code written to
perform a particular task. For example, it can be used to check whether we
can access an FTP server anonymously or whether a web server is
vulnerable to the Heartbleed attack. In fact, Metasploit has more than
1,000 auxiliary modules that perform various tasks like scanning, fuzzing,
sniffing, and much more. These auxiliary modules are classified into 19
categories. Following are the categories of auxiliary modules that are
available in Metasploit:

2. Payloads
You have already learned in the above topic that an exploit is a piece of
code that will be used against the component that is vulnerable. The
exploit code may run successfully, but what you want to do once the
exploit succeeds is defined by the payload. In simple terms, a payload
can be defined as the action that needs to be performed after the
complete execution of an exploit. Metasploit has around 42 payloads that
can be classified into the following categories:

3. Exploits
Exploits are an extremely important part of Metasploit. The whole
purpose of the framework is to offer exploits that you can use for various
vulnerabilities. An exploit is code that takes advantage of a software
vulnerability or security flaw; you use this code against the target
system to take advantage of the vulnerabilities present in it.
Metasploit has more than 1,800 exploits that can be classified
into 17 categories. Following are the categories of exploits that are
available in Metasploit:

4. Encoders
Metasploit helps you generate a wide variety of payloads that you
can send to the target in multiple ways to perform any task. In the
process, it is quite possible that your payload gets detected by the
antivirus or other security software present on the target system. This
is where encoders come into play. Encoders use various algorithms and
techniques to obscure the payload so that it doesn’t get detected
by antivirus software. Metasploit has about 40 encoders that can be
categorized into ten major categories, as shown here:

5. Post-Exploitation Activities (Post)
Once you have gained access to your target system using any of the
available exploits (and here we are talking about basic access), you can
make use of the post modules to further infiltrate the target system.
These operations are mostly done in cyber events with complete
permissions and must be done in an ethical way. With the help of these
modules you can perform the following post-exploitation activities:
• Escalating user privileges to administrator or root
• Retrieving the system credentials
• Stealing cookies and saved credentials
• Capturing keystrokes on the target system
• Executing custom PowerShell scripts for performing additional tasks
• Making the access persistent
Metasploit has around 300 post-exploitation modules that can be
classified into the following 11 categories:

6. Evasion
This module allows users to generate a Windows EXE that evades
Microsoft Windows Defender. Multiple techniques such as
shellcode encryption, source code obfuscation, Metasm, and
anti-emulation are used to achieve this. To get the best output, the user
should always try to use payloads that use more secure channels such
as HTTPS or RC4, so that the payload's network traffic is less likely to
be caught by antivirus.

What Is the Purpose of Metasploit?

Metasploit is a powerful tool used by network security professionals to do
penetration tests, by system administrators to test patch installations, by product
vendors to implement regression testing, and by security engineers across
industries. The purpose of Metasploit is to help users identify where they are most
likely to face attacks by hackers and proactively mend those weaknesses before
they are exploited.

Who Uses Metasploit?

With the wide range of applications and open-source availability that Metasploit
offers, the framework is used by everyone from professionals in development,
security, and operations to hackers. The framework is popular with hackers and
easily available, making it an easy-to-install, reliable tool that security
professionals should be familiar with even if they don’t need to use it.

Metasploit Uses and Benefits

Metasploit provides you with varied use cases, and its benefits include:

• Open Source and Actively Developed – Metasploit is preferred to other
high-priced penetration testing tools because it allows accessing its source
code and adding specific custom modules.

• Ease of Use – it is easy to use Metasploit while conducting a large network
penetration test. Metasploit conducts automated tests on all systems in
order to exploit the vulnerability.

• Easy Switching Between Payloads – the set payload command allows easy,
quick switching between payloads. It becomes easy to change the
meterpreter or shell-based access into a specific operation.

• Cleaner Exits – Metasploit allows a clean exit from the target system it has
compromised.

• Friendly GUI Environment – friendly GUI and third-party interfaces facilitate
the penetration testing project.

Installation of Metasploit Framework:

As an ethical hacker or pen-tester running Windows or a general-purpose
Linux distribution like Ubuntu, it is recommended to switch to a
penetration testing distribution like Kali Linux or Parrot Security OS,
because these tools come pre-installed with the
distribution. We can also run it in a virtualized environment. But if we
want to install Metasploit as a separate tool, we can easily do so on
systems that run Linux, Windows, or Mac OS X.

Step by Step installation (Debian-based Ubuntu Linux 22.04 LTS):

Step 1: Getting the Root privileges

On Ubuntu, root is a particular user account that has access to all
commands, files, and services. It is the most privileged account, with
complete access to everything. We use the sudo su command to become
root (the superuser) on any Linux. On running the command, it will ask for
the current account password for confirmation.

Step 2: Updating and Upgrading the system

We use the apt-get update command to resynchronize the package
index files from their sources on Linux via the Internet. We then run
apt-get upgrade to install the newest versions of all packages currently
installed on the Ubuntu system. In other words, we get security updates for
the machine. We can also do this in a single line by using the syntax:

    apt-get update && apt-get upgrade

Step 3: Installing Required Dependencies

We need to install a number of dependencies that are required to run
Metasploit. Below is the command that we’re going to run to
install the dependencies:

    apt install -y ruby ruby-dev build-essential zlib1g zlib1g-dev libpq-dev libpcap-dev libsqlite3-dev

After running the above command the output screen will be:

Step 4: Cloning the Metasploit repository

We need to clone the Metasploit GitHub repository. We use the git
clone command with the repository link; pasting and running it in our
terminal downloads the repository into our home directory.
It will take a little time because it is quite a large repository with
a lot of things in it.

    git clone https://github.com/rapid7/metasploit-framework.git

After running the above command the output screen will be:
If the output screen shows “Command ‘git’ not found”, then we need
to install git first and then run the above command. To install git use:

    apt install git

Step 5: Installing Ruby’s Bundler Package Manager

After we finish cloning the Metasploit GitHub repository into our home
directory, the next thing we need to do is install Ruby’s Bundler package
manager. We can do this by running:

    gem install bundler

Step 6: Installing Ruby packages for Metasploit

Now we need to install the Ruby packages for Metasploit. We first move into
the metasploit-framework directory that we just cloned, using the cd
command:

    cd metasploit-framework

Inside this directory, we need to finish installing the rest of the
packages for Metasploit, and we can do this by running:

    bundle install

After running the above command the output screen will be:
Once the installation gets completed the output screen will be like this

Once it’s over, we can start the Metasploit Framework by just
running ./msfconsole.
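
A preflight check for Steps 3 to 6, as an added example that is not part of the original document: it lists which of the Step 3 packages are missing and confirms that an existing clone's origin is the official rapid7 repository over HTTPS before any gem installation runs. The script name preflight.sh, the function names and the --run switch are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the page): preflight checks for Steps 3-6.
# Assumption: the upstream is the rapid7 GitHub repository the page clones.
OFFICIAL_HOST="github.com"
OFFICIAL_PATH="rapid7/metasploit-framework"
# Dependency list from Step 3, plus git from Step 4.
DEPS="ruby ruby-dev build-essential zlib1g zlib1g-dev libpq-dev libpcap-dev libsqlite3-dev git"

# Return 0 only for https://github.com/rapid7/metasploit-framework[.git].
is_official_origin() {
    case $1 in
        https://*) rest=${1#https://} ;;
        *) return 1 ;;                  # http://, git://, ssh and local paths
    esac
    host=${rest%%/*}                    # authority part, including any user@
    repo_path=${rest#*/}
    repo_path=${repo_path%/}
    repo_path=${repo_path%.git}
    [ "$host" = "$OFFICIAL_HOST" ] && [ "$repo_path" = "$OFFICIAL_PATH" ]
}

# Return 0 if the existing clone in directory $1 points at the official origin.
clone_is_official() {
    origin=$(git -C "$1" config --get remote.origin.url) || return 1
    is_official_origin "$origin"
}

# Read installed package names on stdin (one per line);
# print the DEPS entries that are not among them.
missing_deps() {
    installed=$(cat)
    for pkg in $DEPS; do
        printf '%s\n' "$installed" | grep -qxF "$pkg" || printf '%s\n' "$pkg"
    done
}

# Stand-alone use: sh preflight.sh --run [clone-dir]
if [ "${1:-}" = "--run" ]; then
    missing=$(dpkg-query -W -f='${db:Status-Abbrev} ${Package}\n' |
        awk '$1 == "ii" { print $2 }' | missing_deps)
    [ -z "$missing" ] || { echo "missing packages:" $missing >&2; exit 1; }
    clone_is_official "${2:-metasploit-framework}" ||
        { echo "origin is not the official repository" >&2; exit 1; }
    echo "preflight ok"
fi
```

Run it as sh preflight.sh --run from the directory that contains the clone, after Step 4 and before Step 5.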

Limitations:

Although Metasploit includes a tonne of tools for identifying
vulnerabilities, evaluating them, and creating exploits, it also has certain
restrictions and drawbacks, like anything else. Some of them include:
• Little support for GUI. The majority of tasks have to be completed
using the CLI.
• It must be handled carefully; failing to do so risks crashing our
own system.
• It is challenging to install Metasploit on a machine that has a
firewall or antivirus software.
