As an Ethical Hacker, you will be using “Kali Distribution” which has the Metasploit community version embedded in it along with other ethical hacking tools. But if you want to install Metasploit as a separate tool, you can easily do so on systems that run on Linux, Windows, or Mac OS X.
The hardware requirements to install Metasploit are −
- 2 GHz+ processor
- 1 GB RAM available
- 1 GB+ available disk space
To open in Kali, go to Applications → Exploitation Tools → metasploit.
Exploits of Metasploit :From Vulnerability Scanner, we found that the Linux machine that we have for test is vulnerable to FTP service. Now, we will use the exploit that can work for us. The command is −
The screen will appear as follows −
use “exploit path”
Metasploit Payloads :Payload, in simple terms, are simple scripts that the hackers utilize to interact with a hacked system. Using payloads, they can transfer data to a victim system.
Metasploit payloads can be of three types −
- Singles − Singles are very small and designed to create some kind of communication, then move to the next stage. For example, just creating a user.
- Staged − It is a payload that an attacker can use to upload a bigger file onto a victim system.
- Stages − Stages are payload components that are downloaded by Stagers modules. The various payload stages provide advanced features with no size limits such as Meterpreter and VNC Injection.
Payload Usage − Example :We use the command show payloads. With this exploit, we can see the payloads that we can use, and it will also show the payloads that will help us upload /execute files onto a victim system.
Set the listen host and listen port (LHOST, LPORT>
set PAYLOAD payload/path
which are the attacker IP and port. Then set remote host and port (RPORT, LHOST>
which are the victim IP and port.