Codelivly  

Home » Ethical hacking » Metasploit » How to Use Metasploit in Kali Linux: A Step-By-Step Tutorial

METASPLOIT

How to Use Metasploit in Kali Linux: A

Step-By-Step Tutorial
By Rocky ◆ March 16, 2023 ◆ Updated: March 17, 2023  No Comments  8 Mins Read

 Share     

Metasploit is a powerful framework for penetration testing and vulnerability assessment. It

can be used to test the security of networks, servers, and applications. Kali Linux is a popular
distribution of Linux that comes pre-installed with many security tools, including Metasploit.
In this tutorial, I will provide a step-by-step guide on how to use Metasploit in Kali Linux.
What Is msfconsole?
msfconsole is the most commonly used shell-like all-in-one interface that allows you to
access all features of Metasploit. It has Linux-like command-line support as it offers
command auto-completion, tabbing, and other bash shortcuts.
It’s the main interface that’ll allow you to work with Metasploit modules for scanning and
launching an attack on the target machine. Consider checking the Mastering Metasploit: The
Ultimate Cheat Sheet
Metasploit Modules
Metasploit has small code snippets that enable its main functionality. However, before
explaining the modules, you must be clear about the following recurring concepts:
Vulnerability: It is a flaw in the design or code of the target that makes it vulnerable to
exploitation leading to the disclosure of confidential information.
Exploit: A code that exploits the found vulnerability.
Payload: It’s a code that helps you achieve the goal of exploiting a vulnerability. It runs
inside the target system to access the target data, like maintaining access via
Meterpreter or a reverse shell.
Now moving towards the five main modules of Metasploit:
Auxiliary: The auxiliary module contains a set of programs such as fuzzers, scanners,
and SQL injection tools to gather information and get a deeper understanding of the
target system.
Encoders: Encoders encrypt the payloads/exploits to protect them against signature-
based antivirus solutions. As payloads or exploits contain null or bad characters, there
are high chances for them to be detected by an antivirus solution.
Exploit: As discussed earlier, an exploit is a code that leverages the target vulnerabilities
to ensure system access via payloads.
Payload: As mentioned before, payloads help you achieve the desired goal of attacking
the target system. That means they will either help you get an interactive shell or help
you maintain a backdoor, run a command or load malware, etc. Metasploit offers two
types of payloads: stageless payloads and staged payloads.
 Post: The post-exploitation module will help you gather further information about the
system. For instance, it can help you dump the password hashes and look for user
credentials for lateral movement or privilege escalation.
You can use the following commands to view each module and its categories:

cd /usr/share/metasploit-framework/modules
ls
tree -L 1 module-name/

Why Learn and Use Metasploit?

Before tools like Metasploit came along, penetration testers had to carry out all tasks
manually using various tools, some not even supported by the target system. They had to
code their tools and scripts from scratch before deploying them manually on the target
system or network. A term like ‘Remote testing’ used today was uncommon. However, that
has changed with Metasploit.
This framework comes with more than 1677 exploits (regularly updated) for over 25
platforms. That includes Android, Windows, Linux, PHP, Java, Cisco, etc. It also comes with
more than 500 payloads which include:
Dynamic payloads that enable users to generate payloads and scripts that are
undetectable by antiviruses.
Command shell payloads that enable users to gain access and execute commands/
scripts on the target machine.
Meterpreter payloads provide users with an interactive command-line shell that you can
use to explore and exploit the target machine.

Minimum System Requirements for Metasploit

Kali Linux (in its barebones state) can run on as little as 128MB of RAM and 2GB of disk
space, but this isn’t sufficient to run Metasploit Framework. For that, the minimum system
requirements are:
 Processor: 2GHz+ processing power
Memory: 4GB of RAM (8GB is recommended)
Storage: 1GB of disk space (50GB is recommended)
Note: If you are installing Metasploit Framework as a stand-alone application on Windows,
Linux, or OSX, you should disable your antivirus software and firewall as these can interfere
with installation and operation!

Setup Your Virtual Lab

If you don’t want to install Kali Linux as Dual Boot in Windows then you can
Install VMware or Virtual Box in Windows. VMware helps you to run Kali Linux inside Windows.
VMware or Virtual Box are easy to use. You can setup your virtual penetration testing lab by
following this tutorial:

How To Install Kali Linux in VirtualBox (2022) | Kali Linux 2022.1

Kali Linux Basics

You need a basic Kali Linux usage knowledge to use Metasploit for Hacking. If you don’t have
any experience of using Kali Linux, Don’t Worry. You can get the free training from Offensive
Security from the following link:
https://kali.training/lessons/introduction/

Basic Python Programming and Bash Scripting

You must have a basic programming language knowledge in Python. Hackers mostly used
Python for hacking purposes. Bash Scripting is used for the automation of tasks and you can
learn Python and Bash Scripting in Free from Udemy:
https://www.udemy.com/python-programming-beginners/
https://www.udemy.com/bash-shell-scripting-tutorial-for-beginners/

How to Use Metasploit’s Interface: msfconsole

To begin using the Metasploit interface, open the Kali Linux terminal and type msfconsole.
By default, msfconsole opens up with a banner; to remove that and start the interface in quiet
mode, use the msfconsole command with the -q flag.
The interface looks like a Linux command-line shell. Some Linux Bash commands it supports
are ls, clear, grep, history, jobs, kill, cd, exit, etc.
Type help or a question mark “?” to see the list of all available commands you can use inside
msfconsole. Some of the most important ones that we will use in this article are:

Command Description
search Allows you to search from the Metasploit database based on the given
protocol/application/parameter
use Allows you to choose a particular module and changes the context to module-
specific commands
info Provides information about the selected module
show Displays information about the given module name and options for the current
module
check Checks if the target system has a vulnerability
 Command Description
set It’s a context-specific variable that configures options for the current module
unset Removes previously set parameters
run Executes the current module

Before beginning, set up the Metasploit database by starting the PostgreSQL server and
initialize msfconsole database as follows:

systemctl start postgresql

msfdb init

Now check the database status by initializing msfconsole and running

the db_status command.

MySQL Exploitation Using Metasploit

For demonstration purposes, set up the open-source vulnerable Linux machine
Metasploitable2.
MySQL Reconnaissance With msfconsole
Find the IP address of the Metasploitable machine first. Then, use the db_nmap command in
msfconsole with Nmap flags to scan the MySQL database at 3306 port.

db_nmap -sV -sC -p 3306 <metasploitable_ip_address>

You can run the regular nmap -p- <metasploitable_ip_address> command to confirm MySQL
database’s port number.
Use the search option to look for an auxiliary module to scan and enumerate the MySQL
database.
 search type:auxiliary mysql

From the above list, you can use the auxiliary/scanner/mysql/mysql_version module by
typing the module name or associated number to scan MySQL version details.

use 11

Or:

use auxiliary/scanner/mysql/mysql_version

Now use the show options command to display the necessary parameters required for
executing the current module:
The output displays that the only required and unset option is RHOSTS which is the IP
address of the target machine. Use the set rhosts command to set the parameter and run the
module, as follows:
The output displays the similar MySQL version details as the db_nmap function.
Bruteforce MySQL Root Account With msfconsole
After scanning, you can also brute force MySQL root account via
Metasploit’s auxiliary(scanner/mysql/mysql_login) module.
You’ll need to set the PASS_FILE parameter to the wordlist path available
inside /usr/share/wordlists:

set PASS_FILE /usr/share/wordlistss/rockyou.txt

Then, specify the IP address of the target machine with the RHOSTS command.
 set RHOSTS <metasploitable-ip-address>

Set BLANK_PASSWORDS to true in case there is no password set for the root account.

set BLANK_PASSWORDS true

Finally, run the module by typing run in the terminal.

MySQL Enumeration With msfconsole
msfconsole also allows you to enumerate the database with the help of
the auxiliary(admin/mysql/mysql_enum) module. It returns all the accounts with details
such as associated privileges and password hashes.
To do that, you’ll have to specify the password, username, and rhosts variable.

set password ""

set username root
set rhosts <metasploitable-ip-address>

Finally, run the module by typing:

run

MySQL Exploitation With msfconsole

From the enumeration phase, it’s clear that the root account has file privileges that enable an
attacker to execute the load_file() function. The function allows you to exploit the MySQL
database by loading all data from the /etc/password file via
the auxiliary(/admin/mysql/mysql_sql) module:
Again, set the username, password, and rhosts variable. Then, execute a query that invokes
the load_file() function and loads the /etc/passwd file.

set sql select load_file(\"/etc/password\")

Learn Metasploit for Penetration Testing on Linux

Metasploit modules help in all phases of penetration testing. Metasploit also enables users to
create their own modules.
This article summarizes some main modules of the Metasploit framework and demonstrates
how to scan, enumerate, and exploit a MySQL database on the Metasploitable 2 machine.
Metasploit isn’t the only penetration testing tool that you’ll use as a cybersecurity
professional. There are several other utilities that you’ll need to familiarize yourself with if you
want to become a security expert.

Conclusion
Congratulations!!!.. You have successfully learned “How to Use Metasploit for Hacking in Kali
Linux”. I hope now you have good knowledge of using Metasploit in Kali Linux.

Metasploit

     

 PREVIOUS ARTICLE NEXT ARTICLE 

It’s Time To Create A Private ChatGPT Mastering Metasploit: The Ultimate

For Yourself Today Cheat Sheet for Exploit Development,
Post-Exploitation, and More
 Rocky     

Rocky is a versatile author sharing in-depth tutorials on web development, AI, and ethical
hacking. Unlock new possibilities and expand your knowledge with Rocky's empowering
content.

Related Posts

ETHICAL HACKING METASPLOIT

Exploring Metasploit: The Powerhouse of Exploit Development Made Easy:

Penetration Testing Generating Payloads In Metasploit
March 30, 2024 April 1, 2023

CHEATSHEET

Mastering Metasploit: The Ultimate Cheat

Sheet for Exploit Development, Post-
Exploitation, and More
March 17, 2023

ADD A COMMENT
 Search … SEARCH

Support Us

ABOUT US

This is the Codelivly blog. Here, you will find articles discussing various topics related to coding
and programming. Our goal is to provide helpful resources and advice for beginners and
experienced coders alike.

RECENT POSTS

So You Want to Be a Hacker: 2024 Edition

What is Active Directory? A Beginner’s Guide
Mastering Networking Fundamentals: A Comprehensive Guide for Hackers
Multiple Ways To Exploiting HTTP Authentication
Bypassing Two-Factor Authentication

IMPORTANT PAGE

About Us
Advertise With Us
Contact US
Privacy Policy
Refund Policy
Write For Us

     

© 2024 Codelivly. All Right Reserved