Hello friend,
let’s take a look at another walkthrough room on TryHackMe: Metasploit Introduction. Metasploit is an exploitation framework that is widely used in cyber security. If you want to hear about its background, there is an awesome Darknet Diaries episode with its founder, HD Moore.
There is a pro version of it, but we will use the open-source command-line version which comes pre-installed on Kali Linux.
Since this is a walkthrough room, most of the answers are already given in the instructions. If you need any help, you can find the answers below.
Task 2 – Main Components of Metasploit
The functionality of Metasploit is separated into these module categories:
- Auxiliary – Everything for recon. Crawlers, fuzzers, scanners, and so on.
- Encoders – Encode your exploits and payloads to avoid signature-based antivirus solutions.
- Evasion – Additional modules for antivirus evasion.
- Exploits – To abuse vulnerabilities in your target system.
- NOPs – No OPeration, used to pad payloads to a specific size.
- Payloads – Code that gets executed once an exploit has succeeded, to get a shell on your target system.
- Post – Post-exploitation – useful once you have a shell.
What is the name of the code taking advantage of a flaw on the target system?
exploit
What is the name of the code that runs on the target system to achieve the attacker’s goal?
payload
What are self-contained payloads called?
singles
Is “windows/x64/pingback_reverse_tcp” among singles or staged payload?
singles – if it were staged, its name would be pingback/reverse_tcp, with a “/” and not a “_”
Task 3 – msfconsole
How would you search for a module related to Apache?
search apache
Who provided the auxiliary/scanner/ssh/ssh_login module?
If you haven’t started it yet, use msfconsole to start Metasploit in your command line.
Then select the module via use auxiliary/scanner/ssh/ssh_login
Finally, use the info command to get the answer: todb
Task 4 – Working with modules
How would you set the LPORT value to 6666?
set LPORT 6666
How would you set the global value for RHOSTS to 10.10.19.23?
setg RHOSTS 10.10.19.23
What command would you use to clear a set payload?
unset payload
What command do you use to proceed with the exploitation phase?
exploit
That’s it for this room. It is not very challenging, but it is important to know the basics.