Basic usage Tutorials for Metasploit

Today brings you a basic tutorial on Metasploit, the tool used is Kali Linux (command line mode)

About the development process of Metasploit everyone Baidu I will not repeat the

First Open the Msfconsole

We can see many of the attack modules integrated in the Metasploit

With the show command we can view these modules

Below we use Windows's famous vulnerability ms10-018 (browser exploit vulnerability, applicable to EXPLORER6, 7) for an intranet infiltration

If you don't know the path to a specific module, you can use the search command

To use the MS10-018 module using the use command

For specific parameter settings, you can use the Options command to view

We can use the common paylaoad to achieve the listening work, if you do not know what to use payload can refer to the Show command and Options command to choose, here is not a demonstration

Using the Options command to find that we need to set some parameters, we need to use the SET command

Use the SET command to set the corresponding parameters according to description's comments.

Now we can start infiltrating, using the Run command

A URL is generated that is copied and opened in the Explorer browser in target drone, with an error report or a flashback when it is opened, and Kali the Echo that appears in Linux.

Penetrate successfully, we can start manipulating target drone by looking at the task, i.e. the sessions command

Get help with the assist command

(The picture below is also because the reason is not shown) through the comments on the right can be a series of operations, such as:

View the IP address of the target drone

Other operations can also be implemented through the shell command into the target drone command line mode

Various operations in command-line mode here is not a demonstration, the penetration of success, the tutorial is here for the end of the moment, interested can go to see the use of other attack modules to conduct penetration testing.

Basic usage Tutorials for Metasploit