LinkedInExploit ADHackTheBox

Modules

Metasploit modules are prepared scripts with a specific purpose and corresponding functions that have already been developed and tested in the wild. The exploit category consists of so-called proof-of-concept (POCs) that can be used to exploit existing vulnerabilities in a largely automated manner. Many people often think that the failure of the exploit disproves the existence of the suspected vulnerability. However, this is only proof that the Metasploit exploit does not work and not that the vulnerability does not exist. This is because many exploits require customization according to the target hosts to make the exploit work. Therefore, automated tools such as the Metasploit framework should only be considered a support tool and not a substitute for our manual skills.

We we are in msfconsole we can list all the modules and they look like

<No.> <type>/<os>/<service>/<name>

794   exploit/windows/ftp/scriptftp_list

The No. tag is useful to select any module for use.

The Type tag is the first level of segregation between the Metasploit modules. Some of these types are not directly usable as an exploit module would be, for example. However, they are set to introduce the structure alongside the interactable ones for better modularization.

Type

Description

Auxiliary

Scanning, fuzzing, sniffing, and admin capabilities. Offer extra assistance and functionality.

Encoders

Ensure that payloads are intact to their destination.

Exploits

Defined as modules that exploit a vulnerability that will allow for the payload delivery.

NOPs

(No Operation code) Keep the payload sizes consistent across exploit attempts.

Payloads

Code runs remotely and calls back to the attacker machine to establish a connection (or shell).

Plugins

Additional scripts can be integrated within an assessment with msfconsole and coexist.

Post

Wide array of modules to gather information, pivot deeper, etc.

To select and use any of the modules (used only with Auxiliary, Exploit, Post) use command use <no.>

The OS tag specifies which operating system and architecture the module was created for. Naturally, different operating systems require different code to be run to get the desired results.

The Service tag refers to the vulnerable service that is running on the target machine. For some modules, such as the auxiliary or post ones, this tag can refer to a more general activity such as gather, referring to the gathering of credentials, for example.

Finally, the Name tag explains the actual action that can be performed using this module created for a specific purpose.

Searching for modules

We can do help search to list all the helpful commands related to searching. Here is some examples of the search command:

Using modules

With command use <module | number>. We can use command option to list all the options that need to be set before we can run the module.

Using the command info will give us lots of details about a particular module or exploit.

From here we can set our target with the command set. For example set RHOSTS. There is also the setg command which specifies options selected by us as permanent until the program is restarted.

Finally, to execute just type run or exploit.

PreviousMSF ComponentsNextTargets/OS

Last updated