Metasploit: Introduction
Metasploit is a powerful framework; that being said, it is also really essential to learn this tool if you want to get into penetration testing.
Before we start learning Metasploit, let's do the housekeeping first. Before you start Metasploit, you will want to start the PostgreSQL database, which Metasploit will use to track what you do.
sudo systemctl start postgresql
msfdb init
sudo service postgresql start
sudo msfconsole
Now, let’s start with the basics. Metasploit has infinite modules and commands, and it is impossible to remember what they do. For detailed information about a specific command, including usage, use the help command. E.g.
help search
Another important command is ‘search’. You can use the Metasploit search page to match Metasploit modules to vulnerabilities by Common Vulnerabilities and Exposures (CVE) number, Open Sourced Vulnerability Database (OSVDB) ID, Bugtraq ID, or Microsoft Security Bulletin, or you can search the full text of the module information for a string.
To get more information on a module we can use the info command. If you want to proceed and use the module, you will need the ‘use’ command and to find out the parameters required to use the module us ‘show options’ command.
Before we use the exploit, we must initialize the required options for the module. As we can see above, in our case, the required fields are PASSWORD, RHOSTS, TARGETURI, and USERNAME. USERNAME and PASSWORD are the username and password for the admin user on the wp-login page. I have initialized these variables according to my use case; you can change them and use them according to your own use.
In order to use an exploit, you will have to define a payload as well. Payload, in simple terms, is a simple script that hackers utilize to interact with a hacked system. To see compatible payloads, enter ‘show payloads’ and then select a payload using the command ‘set payload <payload_name>’
If you do not set the payload, it will be set as some default payload for that exploit. Once everything is done, we are ready to run our exploit. Enter ‘exploit’ to tell Metasploit to run the module
Once you enter exploit, your first step of exploitation is complete and you have hacked the server.
Watching someone use a tool is not as interesting as using it yourself, that is why I have written my own video write-up on using Metasploit for hacking a WordPress site.
In order to get a hands-on experience, you will have to download and run the virtual machine at the link mentioned below.
https://www.vulnhub.com/entry/basic-pentesting-1,216/
If you just want to learn how to use Metasploit in the context of penetration testing of the WordPress site, watch the video from 13:00 to 16:00. I have used the same steps as above for my demonstration. You will notice that while using the WordPress module, I am providing the admin’s username and password. If you watch the entire video, you will be able to understand how was I able to get those credentials.
References:
Penetration Testing: A Hands-On Introduction to Hacking, Georgia Weidman
