Introduction to Metasploit for Penetration Testing and Hacking

We would like to recommend you a great video from Eli the Computer Guy

Level: Beginner
Presenter: Eli the Computer Guy
Date Created: April 19, 2013
Length of Class: 24:05

Research Assistance: Nullset Computer Co
Purpose of Class
This class gives students an overview as to why Metasploit is an important tool for Penetration Testing and Hacking.
Class Notes
Metasploit is a Framework vs. being a purpose built application. You can build your own tools using it much like you can build new toys with Legos.
Versions for Linux and Windows (And of course is included with Backtrack 5)
Disable AntiVirus and Firewall Software before using Metasploit
Metasploit Terms
Exploit - The way an attacker uses a systems vulnerability
Payload -- Code that is going to be run on attacked system
Shellcode -- payload code that provides an attacker with a Shell interface for compromised system
Module -- A "plugin" for Metasploit to perform specific tasks
Listener -- A component that listens for incoming connections
MSFconsole -- Console environment where you give commands to Metasploit interactively
MSFcli -- Allows you to run Metasploit directly from the command line. This is used to create scripts that call Metasploit to perform specific actions
Armitage -- Free graphical user interface
Metasploit Express and Pro -- Commercial Interfaces that make working with Metasploit more user friendly
You can store collected data into built in Database
PostgreSQL Database created during installation

Lab Setup Used in Demonstration
Study Guides
Metasploit the Penetration Tester's Guide (ISBN: 978-1-59327-288-3)
Pages 7-11, 14, 20-21


© HAKIN9 MEDIA SP. Z O.O. SP. K. 2013