Metasploit Payloads

Here are your notes on Automating Payloads & Delivery with Metasploit 🛠️💥:


🧠 What is Metasploit?

  • Metasploit Framework is an open-source tool by Rapid7 for automating exploitation of vulnerabilities.

  • It includes:

    • 2000+ exploits

    • 500+ payloads

    • Tools for scanning, exploitation, post-exploitation, and evasion.

  • Meterpreter is the default payload in many exploit modules, offering extended control over the target system.


🚀 Starting Metasploit

sudo msfconsole
  • ASCII art banner and module stats are displayed.

  • Modules include exploits, payloads, auxiliary tools, encoders, and more.


🔍 Target Discovery with Nmap

nmap -sC -sV -Pn <target-ip>
  • Example target ports:

    • 135: MS RPC

    • 139: NetBIOS-SSN

    • 445: Microsoft-DS (SMB)

  • Useful info includes OS fingerprinting and SMB security modes.


🕵️‍♂️ Searching for SMB Exploits

  • Select a module by its number in the search results list (e.g., use 56).

  • Example: exploit/windows/smb/psexec

    • Exploits SMB using valid credentials to deliver a Meterpreter payload.


⚙️ Module Configuration

Use options to list configurable parameters.

  • RHOSTS: Target system IP

  • SHARE: ADMIN$ by default

  • LHOST: Your attack box IP


💣 Launching the Exploit

  • MSF reports each step: connecting, authenticating, selecting payload, delivering shell

  • Success is shown by a Meterpreter session opening.


🖥️ Working with Meterpreter

  • ? or help: Shows available commands

  • shell: Drops into native system shell

