Metasploit is a great tool in penetration testing of a network or a website. Metasplot have many interface, it is difficult to select one of them. My tutorials will help you get up and running with metasploit. I will be using a virtual LAB for tutorials (In the next tutorial we will discuss about LAB). In this tutorial we will talk about interface of Metasploit.
Before we begun to interfaces we must learn about few terms:-
Exploit – to take advantage of a security flaw within a system, network, or application.
Payload – is code that our victim computer to execute by the metasploit framework.
Module – a small piece of code that can be added to the metasploit framework to execute an attack.
Shellcode – a small piece of code used as a payload.
Now that we know about these terms we can start with Interfaces of Metasploit.
This is an all-in-one interface, can be used to launch attacks, creating listeners, creating database of vistims and much, much more. I prefer this interface because it is easy to use, We will be using Msfconsole throughout these tutorials. Metasploit comes installed by default on backtrack 5 and Kali Linux. To access msfconsole, open your terminal and type:
It will start the console which will look like:
Msfcli is another way to access the metasploit framework. This interface is used by metasploit expert who have experience of using metasploit and remember the path of exploit and options of that exploit. Instead of an interface like msfconsole it take 1 command at a time for terminal and launch it.
lets see some of the commands (give command at terminal mode):
msfcli -h this command will show you the help about msfcli.
msfcli windows/smb/ms08_067_netapt o in this command I have provided the link to an exploit, adding o at the end tells me about the options of that exploit.
Armitage is GUI interface of metasploit. It makes metasploit easy to use, you don’t need much knowledge like how metasploit, payload works. Nice thing about this interface is this that if you are attacking on multiple targets then it become easy to manage those target with armitage. To launch armitage open terminal and give command:
click on yes, it will take the time to start and will show you message “connection error” ignore it.
There are few other features which are used like msfencode, msfpaylods etc. We will see these later.
If you have any doubt or any question, put a comment.