Metasploit

1
Metasploit

• The Metasploit Framework

2
What is it?

• Advanced open-source platform for developing,
  testing, and using exploit code
• Started as portable network game
• Evolved into powerful tool that it is today a
  platform for creating security tools and exploits

3
Framework has existed in 3 different versions
since July 2003

• Version 1.0 written by H D Moore, using Perl
  scripting language and provided a curses based
  frontend. No longer supported
• Version 2.x also written in Perl was a
  collaboration between H D Moore, Matt
  Miller(skape), and spoonm an a small group of
  contributors No longer supported as of January
  2007
• The 3.x(current) version is a complete rewrite
  using the Ruby language. This version was
  developed under Metasploit LLC and is available
  for use under the Metasploit Framework License.
  Written in Ruby with components written in C and
  assembler

4
About Metasploit LLC

• Metasploit LLC was created by the Metasploit
  development team in 2006 for the purpose of
  preventing commercial abuse and ensuring the
  longevity of the project. The LLC owns all rights
  to the Metasploit software, domains, and
  trademarks.

5
Versions 1.x and 2.x

• The Framework was written in the Perl scripting
  language and includes various components written
  in C, assembler, and Python. The widespread
  support for the Perl language allows the
  Framework to run on almost any Unix-like system
  under its default configuration. A customized
  Cygwin environment is provided for users of
  Windows-based operating systems.

6
Version 3.x Supported Operating Systems

• The Framework should run on almost any Unix-based
  operating system that includes a complete and
  modern version of the Ruby interpreter(1.8.4).
  Every stable version of the Framework is tested
  with 3 primary platforms
• Linux 2.6 (x86, ppc)
• Windows NT (2000, XP, 2003)
• MacOS X 10.4 (x86, ppc)
• When using Windows platform msfweb is only
  supported interface.

7
Version 3.x improvements

• Auxiliary modules
• Ability to execute multiple modules at same time
• Using same process and instance of framework
  multiple command shells via a single exploit
  instance.
• Evasion options for almost every module
• modules dont need to be updated

8
How is it used?

• Penetration testing
• Verify Patch installations
• Perform regression testing
• Expose vulnerabilities
• Hacking tool

9
What does it do?

• The Metasploit Framework consists of tools,
  libraries, modules, and user interfaces.
• The basic function of the framework is a module
  launcher, allowing the user to configure an
  exploit module and launch it at a target system.
• If the exploit succeeds, the payload is executed
  on the target and the user is provided with a
  shell to interact with the payload.

10
References

• http//www.infosecinstitute.com/blog/2005/12/fuzze
  rs-ultimate-list.html
• http//en.wikipedia.org/wiki/Fuzz_testing
• http//en.wikipedia.org/wiki/API
• http//www.securityfocus.com/columnists/439
• http//framework-mirrors.metasploit.com/
• http//www.metasploit.com/
• http//searchsqlserver.techtarget.com/tip/1,289483
  ,sid87_gci1159718,00.html
• http//framework-mirrors.metasploit.com/documents/
  msfopcode.html