Introduction to Metasploit with Basic commands

Metasploit Framework (MSF) is one of the most widely used tools for penetration testing, providing powerful attack simulations, security assessment management, and more.

In this article we will be talking about the very basics of Metasploit and the Metasploit commands used in the command line interface. At first the Metasploit Framework console command line and the number of available commands might seem a lot and hard to understand and use, but dont be intimidated by them. Once you get to understand the concept and the clear structure it will be very easy. we put it all together the Metasploit framework consists of the core and base, a lot of exploits, payloads, modules, plugins, scripts and multiple user interfaces.

It assumes that you already have MetaSploit installed, or that you are running Kali / backtrack Linux. if not Installed,you can download from here https://www.metasploit.com/

This is msfconsole. Msfconsole is the main interface to MetaSploit. There are GUI interfaces (armitage), and a web interface too (websploit). With msfconsole, you can launch exploits, create listeners, configure payloads etc.

banner

Simply displays a randomly selected banner

• Exploit :- A piece of software that take advantage of a bug or vulnerability, leading to privilege escalation or DoS attacks on the target.
• Payload :- Actual code which runs on the compromised system after exploitation
• Vulnerability :- A flaw or weakness in system security procedures, design or implementation that could be exploited resulting in notable damage.
• Overflow :- Error caused when a program tries to store data beyond its size. Maybe used by an attacker to execute malicious codes.

The basic concept of how to use MetaSploit:

• – Run msfconsole
• – Identify a remote host
• – Pick a vulnerability and use an exploit
• – Configure the exploit
• – Execute the payload against the remote host