Introduction to the Metasploit Framework
The Metasploit Framework (MSF)
Course Topic Overview
- Introduction to The Metasploit Framework
- Metasploit Fundamentals
- Information Gathering & Enumeration With MSF
- Vulnerability Scanning With MSF
- Client-Side Attacks With MSF
- Host & Service Based Exploitation With MSF
- Post Exploitation With MSF
- Metasploit GUIs (Graphical User Interfaces)
Learning Objectives
- Students will understand how the Metasploit Framework works how it is structured.
- Students will be able to install, configure and manage their Metasploit Framework installation.
- Students will be able to perform information gathering & enumeration with MSF.
- Students will be able to identify & exploit vulnerabilities on Windows & Linux targets with MSF.
- Students will be able to perform various post exploitation attacks and techniques like privilege escalation with MSF.
Metasploit 框架 (MSF)
课程主题概述
- Metasploit 框架简介
- Metasploit 基础知识
- 使用 MSF 进行信息收集和枚举
- 使用 MSF 进行漏洞扫描
- 使用 MSF 的客户端攻击
- 使用 MSF 进行基于主机和服务的利用
- 使用MSF进行后渗透
- Metasploit GUI(图形用户界面)
学习目标
- 学生将了解 Metasploit 框架是如何工作的。
- 生将能够安装、配置和管理他们的 Metasploit 框架安装。
- 学生将能够与 MSF 一起进行信息收集和枚举。
- 学生将能够使用 MSF 识别和利用 Windows 和 Linux 目标上的漏洞。
- 学生将能够执行各种后期利用攻击和技术,例如使用 MSF 提升权限。
What is the Metasploit Framework?
The Metasploit Framework (MSF)
The Metasploit Framework (MSF) is an open-source, robust penetration testing and exploitation framework that is used by penetration testers and security researchers worldwide.
It provides penetration testers with a robust infrastructure required to automate every stage of the penetration testing life cycle.
It is also used to develop and test exploits and has one of the world’s largest database of public, tested exploits.
The Metasploit Framework is designed to be modular, allowing for new functionality to be implemented with ease.
The Metasploit Framework (MSF) source code is available on GitHub.
Developers are constantly adding new exploits to the framework.
什么是 Metasploit 框架?
Metasploit 框架 (MSF)
Metasploit Framework (MSF) 是一种开源、强大的渗透测试和利用框架,全球渗透测试人员和安全研究人员都在使用该框架。
它为渗透测试人员提供了自动化渗透测试生命周期每个阶段所需的强大基础设施。
它还用于开发和测试漏洞,并拥有世界上最大的公共、测试漏洞数据库之一。
Metasploit Framework 设计为模块化,允许轻松实现新功能。
Metasploit Framework (MSF) 源代码在 GitHub 上可用。
开发人员不断向框架添加新的漏洞利用。
History of The Metasploit Framework
- Developed by HD Moore in 2003
- Originally developed in Perl
- Rewritten in Ruby in 2007
- Acquired by Rapid7 in 2009
- Metasploit 5.0 released in 2019
- Metasploit 6.0 released in 2020
Metasploit 框架的历史
- 由 HD Moore 于 2003 年开发
- 最初是用 Perl 开发的
- 2007 年用 Ruby 重写
- 2009 年被 Rapid7 收购
- 2019 年发布的 Metasploit 5.0
- 2020年发布Metasploit 6.0
Metasploit Editions
- Metasploit Pro (Commercial)
- Metasploit Express (Commercial)
- Metasploit Framework (Community)
Metasploit 版本
- Metasploit Pro(商业)
- Metasploit Express(商业)
- Metasploit 框架(社区)
Essential Terminology
Interface - Methods of interacting with the Metasploit Framework.
Module - Pieces of code that perform a particular task, an example of a module is an exploit.
Vulnerabilities - Weakness or flaw in a computer system or network that can be exploited.
Exploit - Piece of code/module that is used to take advantage a vulnerability within a system, service or application.
Payload - Piece of code delivered to the target system by an exploit with the objective of executing arbitrary commands or providing remote access to an attacker.
Listener - A utility that listens for an incoming connection from a target.
基本术语
接口 - 与 Metasploit 框架交互的方法。
模块 - 执行特定任务的代码片段,模块的一个示例是漏洞利用。
漏洞——计算机系统或网络中可被利用的弱点或缺陷。
Exploit - 一段代码/模块,用于利用系统、服务或应用程序中的漏洞。
有效载荷 - 通过漏洞利用以执行任意命令或向攻击者提供远程访问为目标传送到目标系统的一段代码。
侦听器 - 侦听来自目标的传入连接的实用程序。
Metasploit Framework Interfaces
Metasploit Framework Console
The Metasploit Framework Console (MSFconsole) is an easy-to-use all in one interface that provides you with access to all the functionality of the Metasploit Framework.
Metasploit 框架控制台
Metasploit Framework Console (MSFconsole) 是一个易于使用的一体化界面,可让您访问 Metasploit Framework 的所有功能。
Metasploit Framework CLI
The Metasploit Framework Command Line Interface (MSFcli) is a command line utility that is used to facilitate the creation of automation scripts that utilize Metasploit modules.
It can be used to redirect output from other tools in to msfcli and vice versa.
Note: MSFcli was discontinued in 2015, however, the same functionality can be leveraged through the MSFconsole.
Metasploit 框架 CLI
Metasploit 框架命令行界面 (MSFcli) 是一个命令行实用程序,用于促进利用 Metasploit 模块创建自动化脚本。
它可用于将其他工具的输出重定向到 msfcli,反之亦然。
注意:MSFcli 已于 2015 年停用,但是,可以通过 MSFconsole 使用相同的功能。
Metasploit Community Edition
Metasploit Community Edition is a web based GUI front-end for the Metasploit Framework that simplifies network discovery and vulnerability identification.
Metasploit 社区版
Metasploit Community Edition 是 Metasploit Framework 的基于 Web 的 GUI 前端,可简化网络发现和漏洞识别。
Armitage
Armitage is a free Java based GUI front-end for the Metasploit Framework that simplifies network discovery, exploitation and post exploitation.
Armitage
Armitage 是一个基于 Java 的免费 GUI 前端,适用于 Metasploit 框架,可简化网络发现、利用和后期利用。