Questions tagged [metasploit]

Metasploit is an open-source exploitation framework that serves as a tool for developing and executing exploit code against a remote target machine.

The Metasploit Framework is an open-source project owned/sponsored by Rapid7 for vulnerability assessment, exploitation development, penetration testing, and many other computer and network security-related tasks.

Since version 3 of the Framework, Metasploit has been written primarily in Ruby. Version 2 and older were written in Perl. The various payloads, stagers, and shellcodes are primarily written in C, assembly, and Java.

Metasploit is developed on GitHub. Documentation and community forums are available on Rapid7's community site. Questions can also be asked in the #metasploit channel on Freenode.

497 questions
71 votes, 6 answers

Do actual penetration testers actually use tools like Metasploit?

I've played around with Metasploit simply as a hobby, but am wondering if actual pentesters and/or hackers actually use Metasploit to get into systems, or do they write their own post-exploitation modules or their own programs entirely? Reason I ask…
shawn
27 votes, 3 answers

Metasploit Meterpreter alternatives

These days I am testing various types of client hacking techniques, but in all scenarios I am using Meterpreter variations as the payload. Now I can bypass anti-virus and firewalls easily, but Symantec SONAR and IPS always detect Meterpreter payloads and…
r4ym0nd PenTester
20 votes, 6 answers

Browsing exploits with Metasploit console

Is there any way to browse certain exploits in MSFconsole? The show exploits command shows too many and I cannot find a way to show just Windows file format exploits, for example.
Sonny Ordell
18 votes, 1 answer

NOPS in Metasploit

Problem: I do not know what a "NOP" is in Metasploit Framework or otherwise. What I do know: Metasploit Unleashed says, "Nops keep the payload sizes consistent." A few question posts mention buffer overflows. What I would like to know: Why do Nops keep…
gal
16 votes, 4 answers

Detecting reflective DLL injection

In the past few years, malware (and some pen-test tools like Metasploit's meterpreter payload) have begun to use reflective DLL injection (PDF) to load a DLL into the memory of a process. The benefit is that the file is never written to disk and is…
Mick
14 votes, 3 answers

Is it safe to install Metasploit on my work computer?

I'm new to Metasploit, and want to install it on the work computer I use every day, but I'm not sure whether it is safe. Are there any best practices when using Metasploit?
elsadek
14 votes, 2 answers

What is Shikata Ga Nai?

I came across this payload named "Shikata Ga Nai" (in Japanese it means nothing can be done about it). Some exe file was generated and when it is executed, a reverse shell can be obtained. But this can be done by many payloads on Metasploit. Is…
one
13 votes, 2 answers

Custom Metasploit payload with UAC bypass

The machine I am attacking has anti-virus installed. I have managed to use Veil Framework in order to create an initial reverse shell payload that is undetected by the AV. However, UAC is enabled on the Windows 7 target. I am trying to use…
SilverlightFox
12 votes, 5 answers

Techniques for anti-virus evasion

What are some good anti-virus evasion techniques when using ps_exec? As a pentester I often encounter situations where you can't, for one, exploit a machine, as they are running anti-virus software on their machines. I'm mostly talking about binaries…
Lucas Kauffman
11 votes, 4 answers

Nessus Scan Port ID mapped to Metasploit Vulnerability exploits

My Question: Is there any sort of website that maps Nessus Scan IDs to Metasploit vulnerabilities? My Situation: I'm learning about penetration testing and I'm beginning to get frustrated seeing a Nessus scan like this (for example): Plugin ID …
kentcdodds
10 votes, 1 answer

When to use a Bind shell vs. a Reverse shell?

Metasploit question: I know what these shells are but am a little confused on the execution. Assuming that you successfully get a Meterpreter shell and want to upload a backdoor, what should you use as a payload in the backdoor file? Should I use a…
Utkarsh Agrawal
10 votes, 1 answer

Meterpreter (Metasploit) anonymous reverse connection over Tor2web

The general consensus seems to be that one sets up a listener on a server accessible by a public IP and some port forwarding. For anonymity this should be a throw-away server or a hacked box. I've been trying to make a reverse connection over tor…
Polarsbear
10 votes, 2 answers

Importing OpenVAS XML in Metasploit

I am practising in my lab with some Metasploitable machines, and I just realised that the vulns declared by OpenVAS 6.01 in the scan report aren't imported in Metasploit 4.11.5 by db_import report-blah.xml. When I read the report on the OpenVAS…
Sarastro
9 votes, 6 answers

Exploiting through a filtered port

I'm doing some pentesting against a machine the lecturer set up in the lab. Nmap shows port 445 to be filtered, and Nessus confirms the ms08_067 vulnerability is present on that machine. I tried running Metasploit against it the normal way: use…
Juicy
9 votes, 1 answer

What is a Payload Handler?

I'm new to Metasploit, and in a book it was said that when a reverse shell is used by an attacker, a handler is initiated. I've searched about it but haven't found any satisfactory information about the 'Handler'. What is it?
Abhirup Bakshi