Topsy Metasploit Series (first episode)

"If I had seven hours to cut the tree, I would have spent 6 hours grinding my axe." ”

–abraham Lincoln

This sentence has always led me to the idea of doing things, and never changed. This article is translated from the offensive-security community. I hope that through my translation can let the domestic security personnel can have a further sublimation. Of course, I added my own ideas and some comments when translating. Before I do penetration testing or audit tests, I generally upgrade and refine the tools and scripts above my Metasploit. China has a saying, Ching, Lloyd. I have been maintaining and upgrading Metasploit for a few months, for the second that I used it.

About 0X01

Metasploit is a vulnerability framework. Its full name is called the Metasploit Framework, referred to as MSF. Metasploit is the most popular tool in the world, not only because of its convenience and power, but more importantly its framework. It allows the user to develop their own vulnerability scripts for testing. If reading this article, the reader still does not understand Metasploit, then may need to learn some basic knowledge on this website. Poke me!

0x02 Requirements

Before using Metasploit, we have to ensure that our equipment meets the following requirements, including hardware and software.

Hardware: Make sure that your computer or VM meets the requirements below.

Hard disk space: If you want to use Metasploit, first you have to make sure you have 10GB of storage space. Because Metasploit will use some large files. When partitioning, make sure that you are not partitioning with the FAT32 type. Because FAT32 does not support large file runs. My advice is to partition with NTFS,EXT3 or other types. My advice is that your use of space is preferably 30GB.

Memory: Kali a lot of explanations for memory recommendations, in fact, you can use each version of the Kali system as long as your memory value is equal to or greater than 2GB.

Processor: The official system explains that the Kali system can be used as long as the processor is processing faster than or equal to 400MHz. But I recommend a minimum of 500MHz.

Network device: You can access it using the Cat5 interface. Please make sure that your network device has DHCP, if not, then please assign IP to your kali. Of course, you can also use the wireless network, but please install the corresponding driver for your wireless card.

Software: It is recommended that users install two operating systems. One is the Kali system and one is the victim's system or test system. The reason for this is that it is convenient for the security personnel to do the testing.

Virtual machines: Our recommendation is to run the Kali system with a virtual machine. VMware player can be said to be the best choice. This software is free, users only need to register to be able to use. Of course you can also choose a different virtual machine, but my advice is VMware.

Kali Linux: I didn't introduce the Kali system in front of me either. Let's talk about the system first. The Kali is packaged in a Linux system. The Kali system is a bit of a system that has a large collection of good security tools and upgrades to these tools. It also contains the Metasploit. The Kali system is: http://www.kali.org/downloads/. If you have finished installing the Kali system, you can open the control window and use the following command to upgrade the Kali system.

Upgrade directive: "Apt-get update && apt-get Upgrade"

Metasploitable System: You may have encountered many Linux systems, but you don't know how to use those Linux vulnerabilities. Fortunately, Metasploit's development team was aware of the problem. They made a metasploitable system. This system contains large and small Linux vulnerabilities that are ideal for testing systems. can improve technology, but also can "self-fantasy" a bit. Now the metasploitable has a second set of versions, the following is.

Metasploitable 2.0-> poke here ~

We have a point to note. Never use the metasploitable system in public Wi-Fi or in an unknown network environment in case someone else is compromised.

This test system is downloaded in zip format. Use VM to open after decompression. If it is VMware, open the Metasploitable.vmx file directly with VMware. The default account and password for the metasploitable system is msfadmin:msfadmin

Here are the following:

If you want to learn more about metasploitable, you can go to the following website.

Science content one or science content two

0X03 Metasploit Structure Introduction

Let's take a look at one of the pictures below. Because of the more professional terminology, some key nouns I do not translate, in order to prevent the impact of the academic and correctness of the article.

System files and libraries

MSF's system files are arranged in an intuitive manner and are presented in a directory. Let me say the description of each directory.

Data directory: Some editable files are stored inside, Mainly for Metasploit. Use the Documentation directory: provide some MSF documentation such as external directory: source files and third-party library LIB directories: the main components of the MSF Framework modules directory: module storage location for MSF plugins directory: Storage metasp Loit plug-in Scripts directory: Store Meterpreter code or other script files Tools directory: A variety of useful command-line tools

Library

1. Rex Library 1.1 The most basic build 1.2 network sockets, Network Application Protocol client and server-side implementation, log subsystem, etc. 1.3 SSL, SMB, HTTP, XOR, Base64, Unicode2. Msf::core Library 2.1 provides some of the more basic API interface 2.2 definitions for the MSF Framework 3. msf::base3.1 provides a number of additional and simple API interfaces

Modules and Locations

1. The main Metasploit modules are located in the/usr/share/metasploit-framework/modules/directory. 2. User-set modules are generally ~/.msf4/modules/

Metasploit Object Module

In MSF, all modules are written in the Ruby language

0X04 Conclusion

For the structure of the Metasploit, msfcli of the introduction are almost familiar, the second chapter will introduce Msfconsole theory.

Topsy Metasploit Series (first episode)