TryHackMe — Metasploit: Introduction Writeup
Metasploit Framework is one of the most widely used tools in cybersecurity, penetration testing, exploit development, and vulnerability research.
This TryHackMe room introduces the fundamentals of Metasploit, its modules, payloads, exploits, and how penetration testers use the framework during security assessments.
Warning: For educational purposes only.
Task 1 — Introduction to Metasploit
The Metasploit Framework is a collection of tools designed for:
- Information Gathering;
- Vulnerability Scanning;
- Exploitation;
- Post-Exploitation;
- Payload Generation;
- Exploit Development.
Main Components
- msfconsole — Main command-line interface;
- Modules — Exploits, payloads, scanners, and auxiliary tools;
- Tools — Utilities such as msfvenom, pattern_create, and pattern_offset.
Task 2 — Main Components of Metasploit
Modules are the core of the Metasploit Framework and are designed to perform specific actions during penetration testing.
Important Concepts
Exploit — Code that takes advantage of a vulnerability.
Vulnerability — A flaw affecting a system or application.
Payload — Code executed on the target system after exploitation.
Module Categories
- Auxiliary — Scanners, fuzzers, and crawlers;
- Encoders — Encode payloads to avoid detection;
- Evasion — Attempt to bypass antivirus software;
- Exploits — Exploitation modules;
- NOPs — No-operation instructions used as buffers;
- Payloads — Code executed after successful exploitation.
Questions & Answers
Q: What is the name of the code taking advantage of a flaw on the target system?
A: Exploit
Q: What is the name of the code executed on the target system?
A: Payload
Q: What are self-contained payloads called?
A: Singles
Q: Is "windows/x64/pingback_reverse_tcp" a single or staged payload?
A: Singles
Task 3 — msfconsole
The msfconsole is the primary interface used to interact with Metasploit modules and tools.
Useful Commands
msfconsole search apache use exploit/windows/smb/ms17_010_eternalblue show options
Questions & Answers
Q: How would you search for a module related to Apache?
A: search apache
Q: Who provided the auxiliary/scanner/ssh/ssh_login module?
A: todb
Task 4 — Working with Modules
After selecting a module using the use command, parameters must be configured before exploitation.
Setting Parameters
set PARAMETER_NAME VALUE
Common Parameters
- RHOSTS — Target IP address;
- LHOST — Local attacker IP;
- LPORT — Listening port;
- PAYLOAD — Payload to execute.
Useful Commands
set LPORT 6666 setg RHOSTS 10.10.19.23 unset PAYLOAD exploit
Questions & Answers
Q: How would you set the LPORT value to 6666?
A: set LPORT 6666
Q: How would you globally set RHOSTS to 10.10.19.23?
A: setg RHOSTS 10.10.19.23
Q: Which command clears a configured payload?
A: unset PAYLOAD
Q: Which command starts the exploitation process?
A: exploit
Common Metasploit Workflow
- Search for a module;
- Select the module using use;
- Configure required options;
- Select a payload;
- Run the exploit;
- Perform post-exploitation activities.
Final Thoughts
This TryHackMe room provides an excellent introduction to the Metasploit Framework and demonstrates how professional penetration testers interact with exploits and payloads during security assessments.
Understanding Metasploit is essential for:
- Ethical Hacking;
- Penetration Testing;
- Red Team Operations;
- Exploit Development;
- Vulnerability Research;
- Cybersecurity Training.
SEO Tags
TryHackMe, Metasploit, msfconsole, Penetration Testing, Ethical Hacking, Exploitation Framework, Payloads, Exploits, Cybersecurity, Red Team, Vulnerability Research, Kali Linux, Metasploit Framework, Offensive Security, Pentest
That's all for now, I hope this has helped you.
Comentários
Postar um comentário