Basics Metasploit

From xinux.net
Revision as of 2 September 2019, 06:45 by Niklas.guenauer (→ Part 2)

Basics

The Metasploit project is a free open source computer security project that provides information about vulnerabilities and can be used for penetration testing and the development of IDS signatures. The best-known subproject is the Metasploit Framework, a tool for developing and executing exploits against distributed targets. Other important subprojects are the shellcode archive and IT security research.

Like comparable commercial solutions, such as Canvas (from Immunity) or Core Impact (from Core Security Technology), Metasploit can be used by administrators to examine the vulnerabilities of computer systems and close them as needed. On the other hand, it can also be misused to break into other systems. While the described deployment by an administrator in his own network is not only legitimate, but also legal, a deployment without explicit permission in third-party systems constitutes various types of computer crime.

Framework basics

  1. Select and configure an exploit: An exploit is used to penetrate a target system by exploiting a program error. Version 4.0.0 contained 716 different exploits for Windows, Mac OS X, Unix, Linux, and other systems at the time of release; 103 more than in version 3.5.0.
  2. Optional vulnerability check: This checks whether the target system is vulnerable to the selected exploit at all.
  3. Select and configure a payload: Payload refers to the code that is to be executed on the target computer in the event of a successful intrusion, e.g.:
    1. Client program Meterpreter (enables control over the target computer via an SSL connection and provides, among other things, file search, various methods of privilege escalation, port scans, redirection of network traffic, and file download and upload).
    2. VNC server
    3. Shell
  4. Execution of the exploit.
  5. Further penetration on the target system: After a successful attack, further actions can be executed on the target computer using the payload.

This modularity, which makes it possible to combine any exploit with any compatible payload, is one of the great advantages of the framework, as it allows the tasks of developers (payloads and exploits) and attackers to be separated.

Starting with major version 3[5], the Metasploit framework was implemented in the Ruby programming language. It runs under all versions of Unix (including Linux and Mac OS X) as well as Windows and can be operated via command line or via a graphical user interface written in Java. The Metasploit framework can be extended by external add-ons in different languages.

To select an exploit and a payload, you need some information about the target system and the network services installed on it. This information can be obtained with a port scanner such as Nmap, which also supports OS fingerprinting. Vulnerability scanners such as OpenVAS, Nessus or NeXpose can also be used to detect vulnerabilities on the target system.