Metasploit Project

The Metasploit Project is a free open -source computer security project which provides information about security vulnerabilities and can be used in penetration testing and the development of IDS signatures. The best-known sub-project is the Metasploit Framework, a tool for developing and executing exploits against distributed target computer. Other important sub- projects include the shellcode archive and research in the field of IT security.

Like comparable commercial solutions, such as Canvas (of Immunity ) or Core Impact ( from Core Security Technology), Metasploit can be used by administrators to check the vulnerability of computer systems and to close them when needed. On the other hand, it may also be misused to break into other systems. During the described application by an administrator in his own network is not only legitimate but also legal to use them without express permission from external systems satisfies various offenses of cybercrime.

Metasploit Framework

Working with the Framework consists of the following basic steps:

This modularity that allows to combine any exploit with any compatible payload, is one of the great advantages of the framework, as it ( payloads and exploits ) and allows attackers to a separation of the tasks of developers.

From the main version 3, the Metasploit framework has been implemented in the programming language Ruby. It runs under all versions of Unix (including Linux and Mac OS X ) and Windows and can be operated via command line or via a graphical user interface written in Java. The Metasploit Framework can be extended by external add-ons in different languages.

To choose an exploit and payload, we need some information about the target system and the applications installed on network services. This information can be obtained by using a port scanner such as Nmap, which also enables the detection of the operating system OS fingerprinting. Vulnerability scanners such as Nessus or NeXpose can additionally be used to detect security vulnerabilities on the target system.

The shell code database

The shellcode database contains written in assembly language payloads ( payloads) with source code, which are used by the Metasploit Framework.

Metasploitable

To test the framework and to create a test environment for attacks, a virtual distribution called Metasploitable was created. With this you can test in a secure virtual environment attacks. This was replaced May 21, 2012 by Metasploitable 2, which is considered as a direct successor. There were some innovations and practical examples incorporated in order to demonstrate now includes more recent scenarios and to exercise. At the same time an official usage guide was published to facilitate the operation and explain examples.