What is Metasploit?

Notes from the Author

2010

Who should read this PDF? You should read this PDF if you have experienced with Linux who is often in the position of either educating novice programmers or debating partisans of other operating systems, and you find it hard to articulate the benefits of the Linux approach. In this example this is a closed in network which means that this technique was done with our network range. DTS Enterprise Legal Notice While hacking networks is fun and such, we still have our own legal terms we are bound to and abide by. Our overall purpose as a team, site, and community is to bring quality trainers, free of charge, to you, the public. What I do for fun, nothing more, nothing less. DTS Enterprise is a site that enjoys exploiting parts of the network to get a better advantage to help the user out while securing business corporations. That being said, here is our standing-point on legal issues and such. DTS Enterprise Content Access DTS Enterprise provides you all its trainers and other content FREE of charge. The access to this site is FREE of charge. This is not something that will ever change. This community is open for everyone to enjoy, learn from, and contribute and share their own work. We assure you there is no private access section to our site. I will NEVER directly ask for money for any purpose, nor will we ever charge you for the use. I do not allow anyone to attempt to sell things on our site or anywhere else that is associated with DTS Enterprise. Terms of Use The content posted on our site of which originated from this site are all released WITHOUT warranty. Everything you use from the above locations is all USE AT YOUR OWN RISK! It is not in our interest to infect anyones systems with Trojans, virus, or other harmful material. However, we cannot be held responsible for anything that happens while using anything from this site. You agree that you are to blame for anything that happens while using any material from this site. Make sure you contact your IT Department or Network Administrator that youre conducting this kind of experiment to your network.

http://dtsenterprise.tech.officelive.com

What is Metasploit?

2010

The Metasploit is an open source computer security project which provides information about security vulnerabilities and aids in penetration testing and IDS signature development and a tool for developing and executing exploit code against a remote target machine. Metasplot can be installed in Microsoft Windows, Linux, or MAC OS X. Metasploit can check for the latest exploits on the web. Installation is simple for Microsoft Windows or Linux.

Operating Systems Microsoft Windows Linux

Download http://www.metasploit.com/releases/framework-3.4.1.exe http://www.metasploit.com/releases/framework-3.4.1-linux-i686.run

In the example I will be using Slaxware which is linux.

Scroll to the directory where you had download Metasploit in this case I download it to the Desktop.

http://dtsenterprise.tech.officelive.com

What is Metasploit?

2010

To begin the installation go to the Linux Terminal and type ./framework-3.4.1-linux-i686.run if youre in root or sudo ./framework-3.4.1-linux-i686.run if youre not installing Metasploit with root access.

Note: Before Metasploit installs your computer it will verify the integrity of the application. If the integrity check fails re-download the software.

http://dtsenterprise.tech.officelive.com

What is Metasploit?

2010

After it uncompressed metasploit will load the main screen. At the bottom the terminal screen it will say This installer will place Metaploit into the /opt/metasploit3 directory. Continue (yes/no) > Type yes to continue the installation. Once the installation has finished on the Linux Terminal Type msfconsole. You type help or /? it will show the following options.

http://dtsenterprise.tech.officelive.com

What is Metasploit?

2010

I recommend that you take the free online training which can be found at http://www.offensivesecurity.com/metasploit-unleashed/ or http://www.metasploit.com/documents/users_guide.pdf

Core Commands
Command ? back banner cd color connect exit help info irb jobs kill load loadpath quit resource route save search sessions set setg show sleep Description Help menu Move back from the current context Display an awesome metasploit banner Change the current working directory Toggle color Communicate with a host Exit the console Help menu Displays information about one or more module Drop into irb scripting mode Displays and manages jobs kill a job Load a framework plugin Searches for and loads modules from a path Exit the console Run the commands stored in a file Route traffic through a session Saves the active datastores Searches module names and descriptions Dump session listings and display information about sessions Sets a variable to a value Sets a global variable to a value Displays modules of a given type, or all modules Do nothing for the specified number of seconds

http://dtsenterprise.tech.officelive.com

What is Metasploit?
unload unset unsetg use version Unload a framework plugin Unsets one or more variables Unsets one or more global variables Selects a module by name Show the framework and console library version numbers

2010

http://dtsenterprise.tech.officelive.com