Friday 27 January 2017

Metasploit Tutorials | What is Metasploit, Exploit, Payload

Posted by Vijay Jangra in:
"Any tool is a Weapon, If you hold it right. " - Ani DiFranco

In my previous post, we got idea of some some best hacking tools. I also mentioned Metasploit in that list. This is a metasploit tutorial post which covers basics of this great hacking tool.

If you are a complete beginner in penetration testing and ethical hacking field, then this is right place for you. This hacking tutorial for beginner covers questions like What is Metasploit ? You will get basic understanding of this tool at the end of this post.



In this guide, We will also cover metasploit terminology to know about terms like Exploit, Payload, Auxiliary and Encoders. And in next post, We will learn to use metasploit to hack Android phone and Windows PC.


metasploit tutorial what is metasploit exploit payload


Metasploit Tutorial : Introduction

Actually, Metasploit is a framework not an application or software. Metasploit was created by H.D Moore in 2003. This framework in completely written in Ruby language. Now it is acquired by Rapid7.

Metasploit is used to test security of any system by exploiting any specific vulnerability. It is mostly used by Hackers and Penetration Testers. And do not forget that it is most important tool of penetration testing.

Download Metasploit

Metasploit is available in both paid and free version. Metasploit Pro is paid which is mostly used by professional security testers but you can download Metasploit Community edition which is free and open source. Community Edition provides you GUI web based interface but i recommend you to use Metasploit Framework which is mostly used in Command Line Interface. Use below link to go to the website and download Metasploit Framework.
Download Metasploit

Metasploit Framework is pre installed in Kali Linux. You can use it by typing msfconsole command in terminal.

Basic Terms

Metasploit basically consists of four thing i.e. Exploits, Payloads, Auxiliary and Nops/Encoders. Lets understand these things in more deep.

Exploit -> An exploit is malicious piece of code or a program written to take advantage of any vulnerability. This process is Exploitation. Exploit can be used to deliver Payloads.

Payload :-> After successfully exploiting vulnerability of target system. A hacker delivers another code which is bundled in Payload. You can think of it as a malware virus or worm which can be used to perform actions like installing new software, stealing files, deleting files, getting shell etc remotely. The most reliable payload of all time is meterpreter. Msfvenom tool is used to create standalone executable payloads.

Auxiliary -> Auxiliaries are other codes or scripts mostly used for scanning, fuzzing, sniffing and much more. You can also use them as vulnerability and port scanner.

★ How to become Ethical Hacker

Nops/Encoders -> To avoid detecting of Antiviruses and Firewalls, we have encoders which can be used to encode executable payloads. We can use encoders using msfencode tool. Msfencode encodes the original binary to avoid detection and then decode it at the time of execution.

That's all. It was a basic metasploit tutorial which is enough to answer your question What is metasloit ?

Now download metasploit and learn to use it. In our next post, We will use metasploit to hack android smartphone.



About Admin of the Blog:

Vijay Jangra is the founder of Cybrary Tech .He is a Tech Geek, Ethical Hacker, Programmer and a Pro Blogger. He is passionate about and love to learn new things about Ethical Hacking. Contact Him Here

Follow him @ Google+ | Facebook

1 comment:

  1. terms & conditions5 May 2017 at 04:44

    I am so thankful to you, sir, for sharing these indispensably vital articles. This tutorial is indeed very helpful! I am sure that every reader will be excited to follow your guidelines.

    ReplyDelete

Home About Us Privacy Policy Contact-Us

The content is strictly copyrighted to the Admin and may not be reproduced without permission.

© 2014 Designed by Imran