How to Hack Like a Pro: Getting Started with Metasploit
This is my first contribution in an ongoing series on detailing the best free, open source hacking and penetration tools available. My goal is to show you some of the quality tools that IT security experts are using every day in their jobs as network security and pen-testing professionals. There are hundreds of tools out there, but I will focus and those that meet four key criteria:
- Open source
- High quality
- Widely used and trusted in the IT security/pen-testing community
As such, no hacker/penetration tool box is complete without the addition of the versatile and powerful Metasploit.
Metasploit is among the most widely used exploitation tools in the hacking/security field. It's used by both novices and advanced professionals. Insecure.Org, run by Fyodor, the founder of Nmap, annually surveys security professionals for their opinion on the top security software. Metasploit has consistently ranked among the top ten since its inception and currently ranks second. That should give you some idea of how important Metasploit is in the security community.
Metasploit is a self-described "framework" for cyber exploitation. As a framework, it eases the effort to exploit known vulnerabilities in networks, operating systems and applications, and to develop new exploits for new or unknown vulnerabilities. As of last Thursday, Project Basecamp announced the development of a Stuxnet-like module for Metasploit.
Metasploit has developed a Meterpreter that when loaded into a target system, makes maintaining access and controlling the target much easier. As such, every self-respecting hacker (and even those without self-respect) should have some basic knowledge of Metasploit. This series of articles will initially focus on conferring at least a rudimentary understanding of how Metasploit works and how it can be utilized by the hacker/penetration tester to own the box, download data and cover your tracks.
Metasploit was developed in 2003 as an open source project by H.D. Moore. Originally developed in PERL, the developer team rewrote Metasploit in Ruby in 2007. This is critical, because you need to have Ruby on your system in order to run Metasploit and to develop your own exploits.
After many years of success in the hacker/penetration tester community, it was purchased by Rapid7 in 2009. After its purchase, the Metaspoloit framework was split into three versions. Two are commercial versions; Metasploit Express and Metasploit Professional, the latter selling for $1800. These two have nice GUIs and numerous bells and whistles, including the automation of several attacks, but there is still a free and open source community edition known as the Metasploit Community.
Fortunately, some independent developers at Armitage have created a free and open source GUI for Metasploit that is both beautiful and elegant, for those that prefer the point-and-click mode of operation.
There is a Windows version of Metasploit, but many of the features (raw IP packet injection, wireless driver exploitation, SMB relaying attacks, etc.) are unavailable in the Windows environment, though some of these limitations can be overcome by using Cygwin or running Windows in a virtual environment on Linux.
For these and other reasons, we will commence this series using the more flexible command line interface (CLI) version in Linux, and eventually we will install and use the Armitage GUI.
The first step in our process is to download and install Metasploit. Although there is a Windows version, I will focus on the Linux version because of its greater flexibility and capability. Let's walk through the download and installation on my favorite Linux distro, Ubuntu.
To install the latest version of the Metasploit 4 Framework (MSF4) on Ubuntu 10.04 (or any other Debian-based distros), use the following commands. This downloads and installs the generic Linux binary which comes bundled with all the necessary components you need for Metasploit to install and run. This should work for most users and is the easiest and quickest way to get the Metasploit Framework running under Ubuntu and other Debian-based Linux distros.
First open a terminal window and type:
If you're installing on a 64-bit build of Ubuntu, use this instead:
This downloads the current version of the Metasploit framework via Wget.
Before you can run the installer, you need to make it executable. In the terminal, you must change the mode to execute (x) for Metasploit:
chmod +x framework-4.*-linux-full.run
And now execute the installer by getting root privileges by typing sudo and ./ with the name of our package:
You should then be prompted for your root password. After entering that, you should get a screen that looks something like this:
Go ahead and click Forward.
Agree to the terms of the license agreement and click Forward.
I suggest that you select Yes for automatic updates so that your exploit framework has the latest and greatest updates. Click Forward.
Here, Metasploit is asking whether you want to insert a different service script. You can just accept the default and hit Forward.
Be patient now; it will take Metasploit a few minutes to install and build your database. After it's done, you are ready to run Metasploit. Simply type:
Finally, you should be greeted by this screen.
You have now successfully installed the world's best open source exploit framework and you are ready to begin system/network exploitation and pen testing!
Please note that in my installation here, it warns me that updating is recommended as the last update was 249 days ago. If you want to update your framework, then type:
In my next article, we will look at the terminology and components of Metaspolit and then initiate a tried and true exploit.