Metasploit

Basic data

Developer: Rapid7
Current version: 6.0.0 (August 6, 2020)
Operating system: platform-independent
Programming language: Ruby
Category: Security software
License: BSD license (framework)
Available in German: No
Website: www.metasploit.com

The Metasploit project is a computer security project that provides information about security vulnerabilities and can be used in penetration tests and in the development of IDS signatures. The best-known sub-project is the free Metasploit Framework, a tool for developing and executing exploits against distributed target computers. Other important sub-projects are the shellcode archive and research in the field of IT security.

Like comparable solutions, e.g. Canvas (from Immunity) or Core Impact (from Core Security Technology), Metasploit can be used by red teams, among others, to test computer systems for weak points when commissioned to do so and to have these weak points closed if necessary. On the other hand, like any other tool, it can also be misused to compromise other systems.

Metasploit framework

Working with the framework is divided into the following basic steps:

  1. Selecting and configuring an exploit: An exploit is used to penetrate a target system by exploiting a program error. At the time of its release, version 4.0.0 contained 716 different exploits for Windows, Mac OS X, Unix, Linux, and other systems; 103 more than in version 3.5.0.
  2. Optional vulnerability check: This checks whether the target system is vulnerable to the selected exploit at all.
  3. Selecting and configuring a payload: The payload is the code that is to be executed on the target computer in the event of a successful break-in, e.g.:
    1. The Meterpreter client program (enables control of the target computer via an SSL connection and provides, among other things, file searches, various methods of privilege escalation, port scans, redirection of network traffic, and file download and upload).
    2. VNC server
    3. Shell
  4. Execution of the exploit.
  5. Further penetration of the target system: After a successful attack, further actions can be carried out on the target computer using the payload.

This modularity, which allows any exploit to be combined with any compatible payload, is one of the great advantages of the framework, as it enables the tasks of developers (of payloads and exploits) and attackers to be separated.

As of major version 3, the Metasploit Framework has been implemented in the Ruby programming language. It runs under Linux and macOS as well as Microsoft Windows, is a standard component of specialized Linux distributions such as Kali Linux, and can be operated via the command line or a graphical user interface written in Java. The Metasploit Framework can be extended with external add-ons in different languages.

In order to choose an exploit and a payload, one needs some information about the target system and the network services installed on it. This information can be obtained by using a port scanner such as Nmap, which can also identify the operating system by OS fingerprinting. Vulnerability scanners such as OpenVAS, Nessus or NeXpose can also be used to discover security gaps on the target system.

The shellcode database

The shellcode database contains payloads written in assembly language, together with their source code, that are used by the Metasploit Framework.

Metasploitable

In order to gain practical experience with Metasploit, a test environment called Metasploitable with deliberately built-in vulnerabilities was put together. Metasploitable is a fully configured virtual machine (VM) that can be operated under VMware or VirtualBox in a test environment. Operation as a virtual machine has the advantage that, through the use of snapshots (system states that are created at a certain point in time and can easily be restored), various destructive attack methods can also be tried out efficiently and repeatedly in different variations. The first version of Metasploitable was superseded on May 21, 2012 by Metasploitable 2, which is regarded as the direct successor. Some innovations and practical examples have been incorporated in order to demonstrate and train more current scenarios. At the same time, an official user guide was published to make operation easier and to explain examples.
