This course will give you an overview of the Metasploit Framework and guide you through the installation process on different platforms (Linux, Windows, and Mac OS X). We also provide a forum where our students can contact the author, "ABDELLI Nassereddine", with any further questions.
Hakin9 Magazine

About the Metasploit Framework Workshop

This course will give you an overview of the Metasploit Framework and will guide you through the installation process on different platforms (Linux, Windows, and Mac OS X). We also provide a forum where our students can contact the author, ABDELLI Nassereddine, with any further questions.

Hardware Requirements

Minimum System Requirements

- 2 GHz+ processor
- 2 GB RAM available (4 GB recommended)
- 500 MB+ available disk space
- 10/100 Mbps Network Interface Card (NIC)

Supported Operating Systems

- Windows XP, 2003, Vista, 2008 Server, and Windows 7
- Red Hat Enterprise Linux 5.x, 6.x x86 and x86_64
- Ubuntu Linux 8.04, 10.04 x86 and x86_64
- Mac OS X, which is built on FreeBSD; Metasploit should run properly on Mac OS X when it is configured correctly.

Required Browser Versions

- Mozilla Firefox 4.0+
- Microsoft Internet Explorer 9
- Google Chrome 10+

This course introduces the step-by-step instructions on how to install Metasploit on Mac OSs.

Preparation and Requirements

Linux (Ubuntu)

We start by making sure that we have the latest packages by updating the system with the apt-get command:

    sudo apt-get update
    sudo apt-get upgrade

Now we know that we are running an updated system.
Hence, we can install all the packages that the Metasploit Framework depends on using this command:

    sudo apt-get install build-essential libreadline-dev libssl-dev libpq5 libpq-dev libreadline5 libsqlite3-dev libpcap-dev openjdk-7-jre subversion git-core autoconf pgadmin3 curl zlib1g-dev libxml2-dev libxslt1-dev vncviewer libyaml-dev ruby1.9.3

As we know, Metasploit has been fully rewritten in the Ruby language, so we need to install the Ruby libraries that the framework depends on:

    sudo gem install wirble sqlite3 bundler

Metasploit depends on Nmap as an external tool for network scanning, so we should install it as well using the following commands:

    mkdir ~/Development
    cd ~/Development
    svn co https://svn.nmap.org/nmap
    cd nmap
    ./configure
    make
    sudo make install
    make clean

The framework depends on an external database in order to load faster and to respond efficiently to exploit or module searches, so we'll need to install a relational database management system (RDBMS) such as MySQL or PostgreSQL. For this course, we will be using PostgreSQL as the database system, and we'll cover both its installation and its configuration. We install PostgreSQL using the apt-get command like so:

    sudo apt-get install postgresql

Then we switch to the postgres user space, where we can create a user and a database that we will use for Metasploit later:

    sudo -s
    su postgres

Now we create a user and a database. You should record the database name and the password that you gave to the user, since they will be used in the database.yml file that Metasploit will use to connect to the database.
    createuser msfuser -P -S -R -D
    createdb -O msfuser msf

Windows

Installing new software on the Windows operating system is always much easier than on other operating systems. All you need to do before installing the MSF is to get your proper action key from the RAPID7 website, http://www.rapid7.com/products/metasploit/download.jsp, after clicking on Download Metasploit Community.

After that, you should disable any anti-virus programs or firewalls in place. Because of the nature of the MSF, which uses exploits and payloads for its operations, anti-virus products may identify it as malicious and may start deleting important files from its folder. So we highly recommend that you create a folder METASPLOIT under the C:\ drive and add it as a trusted folder.

Mac OSX

Before we start installing the Metasploit Framework, we need to make sure the system already has Apple's development tool Xcode installed. It can be downloaded from https://developer.apple.com/ or obtained directly from Apple's App Store.

Once you have Xcode installed on your system, open a new terminal, run the command below, and click the Install button to install the required command line developer tools, as shown in the figure:

    xcode-select --install

If you see a message telling you the software cannot be installed because it is not currently available on the Software Update Server, this usually means you already have the latest version installed.

We will also need to install MacPorts. It can be downloaded from http://www.macports.org/install.php. After installation, we should update it to the latest version using the following command:

    sudo port -v selfupdate

After MacPorts and Xcode have been correctly configured, we can go ahead and install Ruby and RubyGems. We will use our previously installed MacPorts in this step.
    sudo port install ruby19 +nosuffix

In order to take full advantage of the features of the Metasploit Framework, we need to install an external database system (PostgreSQL):

    sudo port install postgresql93-server
    gem install pg -v 0.16.0 -- --with-pg-config=/opt/local/lib/postgresql93/bin/pg_config

Installation

Linux (Ubuntu)

Once we have completed the installation of all the previous dependencies, we can install the framework and connect it to the database we created in PostgreSQL. We will install it from GitHub, since that is the most up-to-date version, and we can later use the msfupdate command to update the framework:

    cd /opt
    git clone https://github.com/rapid7/metasploit-framework.git

Now we run bundler to install the gems:

    cd /opt/metasploit-framework
    bundle install

Once we are done, we should create links to the different commands (msfconsole, msfpayload, etc.) so that we can use them as any user and are not limited to running them from inside the framework folder:

    sudo bash -c 'for MSF in $(ls msf*); do ln -s /opt/metasploit-framework/$MSF /usr/local/bin/$MSF; done'

So that we are not forced to run the commands that connect the MSF to the Postgres database each time we launch the framework, we need to create a configuration file under the framework folder:

    cd /opt/metasploit-framework
    touch database.yml

Then paste this content inside, using your favorite text editor (I prefer nano :)):

    production:
      adapter: postgresql
      database: msf
      username: msfuser
      password:
      host: 127.0.0.1
      port: 5432
      pool: 75
      timeout: 5

Windows

Start by locating the Windows installer file and double-clicking on the installer icon. When the setup screen appears, click Next to continue.

Accept the licence agreement and click Next.

On the next screen, choose an installation directory for Metasploit. The directory you choose must be empty.
Click Next to continue (as we described earlier, the installation folder must be trusted by the anti-virus product you are using, otherwise the installation will fail).

When the Disable Anti-virus and Firewall screen appears, click Next. If it detects an active anti-virus or firewall in place, it will show an error.

When the installation finishes, the web browser will open automatically and show you a page where all you have to do is create a username and password for the web GUI. After you are done with that, you'll find the Metasploit console under Windows -> All Programs -> Metasploit.

Mac OSX

After downloading and installing all the dependencies mentioned in the previous section, we are ready to go ahead and install the MSF. In order to take full advantage of the Metasploit Framework, we'll want to connect it to PostgreSQL. Hence, in PG Admin III, create a database called metasploitdb and a user called msfuser with the password msfpassword, then assign msfuser to metasploitdb.
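An added example, not part of the original workshop: before msfconsole is pointed at a database.yml like the one created in the Linux section, this Ruby check flags an empty password, a non-loopback database host, and file permissions that expose the clear-text password to other local users. The function name, the constants and the sample file are constructed for this illustration.

```ruby
require "yaml"
require "ipaddr"

# Constructed sample: the database.yml from the Linux section, password left empty.
TUTORIAL_SAMPLE = <<~YAML
  production:
    adapter: postgresql
    database: msf
    username: msfuser
    password:
    host: 127.0.0.1
    port: 5432
    pool: 75
    timeout: 5
YAML

REQUIRED_KEYS = %w[adapter database username password host port].freeze

# Returns a list of problems; an empty list means the file passed every check.
# mode: permission bits of the file (File.stat(path).mode & 0o777), nil to skip.
def audit_database_yml(yaml_text, mode: nil)
  config = YAML.safe_load(yaml_text)
  prod = config.is_a?(Hash) ? config["production"] : nil
  return ["no 'production' section"] unless prod.is_a?(Hash)

  problems = REQUIRED_KEYS.reject { |k| prod.key?(k) }.map { |k| "missing key: #{k}" }
  problems << "adapter is not postgresql" unless prod["adapter"] == "postgresql"
  # The tutorial's template leaves the password blank; it has to be filled in.
  problems << "password is empty" if prod["password"].to_s.strip.empty?

  # The tutorial runs PostgreSQL on the same machine, so expect a loopback host.
  host = prod["host"].to_s
  loopback = host == "localhost" || (IPAddr.new(host).loopback? rescue false)
  problems << "host #{host} is not loopback" unless loopback

  # The password is stored in clear text: group and other must have no access.
  if mode && (mode & 0o077) != 0
    problems << format("file mode %04o lets other users read the password", mode)
  end
  problems
rescue Psych::SyntaxError => e
  ["invalid YAML: #{e.message}"]
end

if __FILE__ == $PROGRAM_NAME
  puts audit_database_yml(TUTORIAL_SAMPLE, mode: 0o644)
end
```

To audit a real file, pass `File.read(path)` and `File.stat(path).mode & 0o777`; a file created with `touch` under a default umask typically ends up as 0644 and is reported.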
After that, we should download the MSF from GitHub as follows:

    cd /opt/
    sudo git clone https://github.com/rapid7/metasploit-framework.git

Next, you should install the required gems and versions using bundler. For this, we navigate to the metasploit-framework folder and then execute the command bundle install like so:

    cd /opt/metasploit-framework/
    bundle install

Now that we are almost done, we create symlinks for msfconsole and msfpayload, so that we can execute the framework from any shell in any location, using the following command:

    sudo ln -s /opt/metasploit-framework/msf* /opt/local/bin/

We have successfully installed and configured Metasploit, and now for the first run just type msfconsole.

Well, this is the Metasploit Console, one way of taking advantage of the MSF. We will break down the other forms of interfaces in the next chapter.

Fundamentals

First of all, before diving deep into the framework, we want to have a look at its architecture and how it's designed.

As we see in the figure, the framework provides a truly impressive work environment. It's far from being just a collection of exploits. It's an infrastructure that you can build upon and utilize for your custom needs.

Modules

Payloads: This module is composed of the various payloads a penetration tester may wish to deposit into a target system. Payloads usually consist of some code to run as well as some parameters defining how a connection to the compromised system might be made.

Exploits: All standalone exploits belong in this module. It contains both passive and active exploits. An example of an active exploit is one that exploits a buffer overflow, whereas a passive exploit is something along the lines of a fake DNS server that re-routes an unsuspecting user to a malicious site.

Encoders: This module contains various encoders that are used to encode the payload before it is sent to a remote computer.
This is done to prevent the payload from being detected by an anti-virus program.

Nops: This module is composed of a few different generators that produce no-operation (NOP) instructions, which are used as padding around some of the payloads in order to keep their size consistent.

Aux (Auxiliaries): This module contains all the tools which a penetration tester would use in the initial phases of planning out an attack. These are tools such as packet sniffers, port scanners, input fuzzers, etc.

Libraries

Rex (Ruby Extension Library): It contains most of the framework's core features and tools, some of which are specific to the application domain, and which were built to enhance the default Ruby library. The Rex module was designed to depend strictly on the default installation of Ruby (default libraries) and is the centerpiece of the framework. Some examples from Rex are wrappers for socket subsystems, implementations of client-server protocols, a logging subsystem, exploitation utility classes, and a number of other useful classes.

MSFCore: To expose its features to other modules, the Metasploit team developed the MSF Core library, which works as an API and extension for Rex. Its purpose is to provide a low-level interface that allows peripheral modules to interact with Rex.

MSFBase: This core library is extended by the MSF Base library, which is designed to provide a simpler interface for interacting with the core framework, along with some utility classes.

Tools & Plug-ins

They work directly with the Metasploit API; they manipulate the framework as a whole and also automate specific tasks which would be tedious to do manually. For example, let's say you have 10 hosts that you have access to (sessions), and you want to upload and execute a specific file on all the hosts. You can do it using a plugin that will automate the process.
Interfaces

MSFConsole: It provides an all-in-one centralized console that gives you efficient access to virtually all of the options available in the Metasploit Framework. Msfconsole may seem intimidating at first, but once you learn the syntax of the commands, you will learn to appreciate the power of utilizing this interface.

MSFcli: It's a single-line command interface for Metasploit, and it provides almost the same functionality as MSFconsole. So instead of running the whole Metasploit project using MSFconsole just to generate a payload, for example, you can do it using MSFcli in just one command.

Web: It's another way of browsing and using the functionality provided by Metasploit, via a web interface from a web browser.

GUI: It is the tool which Metasploit uses to visualize targets and recommend exploits. It is called Armitage, and it provides you with fast and easy hacking without ever having to use your keyboard: just click and attack hosts. We will go in depth with Armitage in Module 3.

We will introduce both Modules (Payloads, Exploits, Encoders, Nops, Auxiliaries) and Interfaces in depth in the next sessions.