Pain points for penetration testers
▪ Hundreds of tools and thousands of command-line parameters: impossible to remember them all
▪ Proof-of-concept / exploit code for newly disclosed vulnerabilities has different runtime requirements, so preparing an environment for each one is tedious
▪ Most of the time goes into learning each tool's own habits; a unified interface would help
▪ Can Metasploit solve these problems?
MSF architecture
▪ Rex
- basic library for routine tasks, so they do not have to be hand-coded each time
- handles socket connections and protocol responses (HTTP / SSL / SMB, etc.)
- code conversion (XOR, Base64, Unicode)
▪ Msf::Core
- provides the basic API; the library that implements the framework's core capabilities
▪ Msf::Base
- provides a friendlier API that makes the module library easy to call
▪ Plugin
- connects to and calls extensions and external systems
▪ /usr/share/metasploit-framework/modules/
▪ Technical function modules (as opposed to workflow modules)
- Exploits: attack code that exploits a system vulnerability; each module corresponds to one specific vulnerability (active or passive)
- Payload: the code or instructions actually executed on the target system after a successful exploit
▪ shellcode or system instructions
▪ Three kinds of payload: /usr/share/metasploit-framework/modules/payloads/
▪ Single: all-in-one
▪ Stager: when the target has limited memory, a smaller payload is sent first to establish a connection
▪ Stage: the subsequent payload, downloaded over the connection the stager established
▪ Stagers and stages come in many variants, suited to different scenarios
▪ Shellcode is a kind of payload, named for the forward / reverse shell it establishes
▪ Technical function modules (as opposed to workflow modules)
- Auxiliary: implements information gathering, enumeration, fingerprinting, scanning and similar functions (exploit modules that carry no payload)
- Encoders: encode the payload to evade AV detection
- Nops: improve payload stability and keep its size constant
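As an added example (not from these slides and not Metasploit's own code), the following Ruby script inventories module files by the directory categories listed above: exploits, payloads split into singles / stagers / stages, auxiliary, encoders and nops. The module root matches the path on the slides; the sample path list is constructed so the script runs without Metasploit installed, and the file names in it are illustrative placeholders, not real module names.

```ruby
# Added example, not Metasploit's own code: inventory module paths by the
# categories the slides describe. When the real module tree exists it is
# walked; otherwise a constructed sample list is used so the script runs offline.

MODULE_ROOT = "/usr/share/metasploit-framework/modules"

# Top-level module directories and the role the slides assign to each.
MODULE_ROLES = {
  "exploits"  => "attack code for one specific vulnerability (active or passive)",
  "payloads"  => "code run on the target after a successful exploit",
  "auxiliary" => "information gathering, enumeration, fingerprinting, scanning (no payload)",
  "encoders"  => "encode the payload so its bytes differ from the original form",
  "nops"      => "no-op padding that keeps payload size stable",
}.freeze

# Payload subdirectories and the three payload kinds from the slides.
PAYLOAD_KINDS = {
  "singles" => "single: all-in-one, self-contained",
  "stagers" => "stager: small first stage that only establishes the connection",
  "stages"  => "stage: larger second stage downloaded over the stager's connection",
}.freeze

# Constructed sample paths relative to MODULE_ROOT; file names are placeholders.
SAMPLE_PATHS = %w[
  exploits/windows/smb/example_smb_exploit.rb
  exploits/multi/http/example_web_exploit.rb
  payloads/singles/windows/example_single_shell.rb
  payloads/stagers/windows/example_reverse_tcp_stager.rb
  payloads/stages/windows/example_stage.rb
  auxiliary/scanner/smb/example_smb_version_scan.rb
  auxiliary/scanner/portscan/example_tcp_scan.rb
  encoders/x86/example_encoder.rb
  nops/x86/example_nop.rb
  README.md
].freeze

# Return [category, payload_kind_or_nil] for a relative module path, or nil
# when the path is not a module file (wrong extension, unknown top-level
# directory, or a payload outside singles/stagers/stages).
def classify_module(rel_path)
  return nil unless rel_path.end_with?(".rb")
  parts = rel_path.split("/")
  top = parts[0]
  return nil unless MODULE_ROLES.key?(top)
  return [top, nil] unless top == "payloads"
  kind = parts[1]
  return nil unless PAYLOAD_KINDS.key?(kind)
  [top, kind]
end

# Count modules per category, plus payloads per kind ("payloads/stagers" etc.).
def inventory(paths)
  counts = Hash.new(0)
  paths.each do |p|
    cat, kind = classify_module(p)
    next if cat.nil?
    counts[cat] += 1
    counts["payloads/#{kind}"] += 1 if kind
  end
  counts
end

# Walk the real module tree when present; otherwise fall back to the sample.
def module_paths(root = MODULE_ROOT)
  return SAMPLE_PATHS unless Dir.exist?(root)
  Dir.glob("**/*.rb", base: root)
end

if __FILE__ == $PROGRAM_NAME
  inventory(module_paths).sort.each do |cat, n|
    role = MODULE_ROLES[cat] || PAYLOAD_KINDS[cat.split("/").last]
    puts format("%-18s %4d  %s", cat, n, role)
  end
end
```

Run it on a Kali box to see the real counts per category; on any other machine it prints the counts for the constructed sample, which is enough to see how the directory layout encodes the module taxonomy on the slides.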
Basic use: