Wednesday, 11 January 2012

Starting Metasploit

Well, we have installed Metasploit and now we need to start configuring it to run.
First, as we have created a self-signed certificate, it is necessary to accept the validity of it. If you do not like this you can add the cert to the browsers list of trusted certs, but that is something for another time.


Click “Yes” to continue.
From here we will need to setup a new user (at least one).



You can see I have filled this into the form displayed in the image above. What matters is that you have a username and password that you will remember and not forget. Also, the “Password confirmation must contain letters, numbers, and at least one special character”.

If you have a personal firewall and anti-virus – you may have to disable them. At the least it is likely that you will have a hard time configuring all of the exceptions. This is why using a distro is a good idea.
 
Click “Create Account” on the lower right hand side of the screen and move onto registering and Activating Metasploit




Clicking “Register your Metasploit license here!” will take you to the “Rapid7” website where you can select either the free (community) or commercial (Metasploit Pro) version. We will be using the free version for this exercise.



Enter your email and click “Go” to continue. A Product Key will be sent in email.



Enter the product key into the website and click on the “Next”tab:
Click “Activate License” to load the new license and start using Metasploit.



You will see below that we are redirected to our local instance.


Also notice that the product is activated as it displays “Activation Successful”.

New Project
We are now ready to start exploiting systems. Let us start by clicking “New Project” and setting up the project we wish to run.



After filling out the details, we are ready to start with clicking “Create Project”:




Tomorrow we will continue this with scanning and selecting a system to exploit. If you already know that a system exists (such as from the results of a Nessus scan) with a potential vulnerability, we can use Metasploit to validate it.

This is important. Unless you have the time and money to fix ALL vulnerabilities found using a vulnerability scanner (such as OpenVAS or Nessus) it will be essential that you priorities the findings based on risk. This means you will need to validate the potential vulnerabilities discovered. This is what Metasploit does.

It is difficult to argue if an exploit can occur or not once you have a video of breaking into the site. It also allows you to show just how Easy/Hard a particular exploit would be.
The process is a four (4) step one and will incorporate the following:

  1. Select the platform or application that you seek to exploit
  2. Select the exploit to use
  3. Select the payload (shellcode or other)
  4. Run and load the exploit
Tomorrow we will run the scan and actually break into a system.

No comments: