Chapter 2 Metasploit Foundation
Metasploit itself is free open source software and has many contributors in the security community. When using Metasploit for the first time, it is important to focus not only on the latest penetration attack modules, but also on how Metasploit carries out attacks and which commands make a penetration attack succeed.
2.1 Metasploit: Professional terminology
Most of the basic terminology below is defined in the context of the Metasploit framework, but the meanings are often common throughout the security industry.
2.1.1 Penetration attack (Exploit)
A penetration attack is an attack in which an attacker or penetration tester exploits a security vulnerability in a system, application, or service. Popular penetration attack techniques include buffer overflows, web application vulnerability attacks (such as SQL injection), and the exploitation of configuration errors.
2.1.2 Attack payload (Payload)
An attack payload is the code that we expect the target system to execute after it has been penetrated; in the Metasploit framework it can be freely selected, transmitted, and implanted. For example, a reverse shell is an attack payload that creates a network connection from the target host to the attacking host and provides a command-line shell, while a bind shell attack payload binds the command-line shell to an open listening port on the target host. Attackers can connect to that port to get shell interaction. An attack payload may also simply execute some commands on the target operating system, such as adding user accounts.
2.1.3 Shellcode
Shellcode is a set of machine instructions that runs as the attack payload during a penetration attack. Shellcode is usually written in assembly language. In most cases, a command-line shell or Meterpreter shell is provided after the target system executes the shellcode instructions, which is also the origin of the name shellcode.
2.1.4 Module
A module is a software code component used in the Metasploit framework. At some point you may use a penetration attack module (exploit), which is the software component that actually launches a penetration attack. At other times you may use an auxiliary module to perform attack actions such as scanning or system enumeration.
2.1.5 Listener
The listener is the component in Metasploit that waits for a network connection. For example, after the target host is penetrated, it may connect to the attacking host over the internet; the listener component waits on the attacking host for the compromised system to connect and is responsible for handling those network connections.
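The connection directions described in 2.1.2 and 2.1.5 are what a defender sees in a host's socket table. The following Python sketch is an added example, not code from the original text or from Metasploit; it flags shell processes that own TCP sockets and labels the direction. The simplified four-column input format, the process-name list, and all addresses are constructed assumptions.

```python
from dataclasses import dataclass

# Assumption: process names treated as command shells.
SHELL_NAMES = {"sh", "bash", "dash", "zsh", "cmd.exe", "powershell.exe"}

# Constructed sample rows: state, local addr:port, peer addr:port, process.
SAMPLE = """\
LISTEN 0.0.0.0:22 0.0.0.0:* sshd
LISTEN 0.0.0.0:4444 0.0.0.0:* sh
ESTAB 10.0.0.5:51234 203.0.113.7:443 bash
ESTAB 10.0.0.5:22 10.0.0.9:50122 sshd
ESTAB 10.0.0.5:4444 198.51.100.3:40112 sh
"""

@dataclass(frozen=True)
class Sock:
    state: str
    local: str
    peer: str
    proc: str

def parse(text):
    """Parse the simplified socket table, skipping malformed rows."""
    rows = (line.split() for line in text.splitlines())
    return [Sock(*r) for r in rows if len(r) == 4]

def port(addr):
    return addr.rsplit(":", 1)[1]

def classify(socks):
    """Heuristic: a shell that owns a TCP socket is suspicious.
    A listening shell matches the bind shell pattern; an established
    connection from a non-listening local port is outbound, which
    matches the reverse shell pattern."""
    listening = {port(s.local) for s in socks if s.state == "LISTEN"}
    findings = []
    for s in socks:
        if s.proc not in SHELL_NAMES:
            continue
        if s.state == "LISTEN":
            findings.append(("bind-shell-listener", s.local, s.peer))
        elif s.state == "ESTAB" and port(s.local) in listening:
            findings.append(("bind-shell-session", s.local, s.peer))
        elif s.state == "ESTAB":
            findings.append(("reverse-shell-candidate", s.local, s.peer))
    return findings

if __name__ == "__main__":
    for kind, local, peer in classify(parse(SAMPLE)):
        print(f"{kind:24} {local:18} -> {peer}")
```

In the reverse shell case the peer address is where a listener would be waiting, which is why outbound connections from shell processes are worth alerting on even when inbound ports are filtered.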