According to the website of Rapid7 (the company behind the project), the Metasploit framework is the world's most used open source penetration testing software. It can be used by hackers for either offensive or defensive purposes. The Metasploit framework is available in many Linux distributions, such as Kali (formerly BackTrack). In this tutorial, however, Metasploit is installed on Ubuntu 16.04 LTS.
The Metasploit framework comes in two versions:
- Metasploit Pro (paid, full features)
- Metasploit Community (free, limited functionality)
You must register on the Rapid7 website to download the Metasploit installer. First, download the Community version of the framework.
Fill in the following registration form to download the installer and receive a 1-year license key at the email address you provide.
After the form is submitted successfully, the following additional options are shown.
Download the Metasploit installer for the desired operating system (Linux in this tutorial).
The download progress of the installer is shown in the following snapshot.
As per the 2nd step given on the Rapid7 website, Metasploit uses some of the same techniques as malware and malicious attackers to audit your security. Before the installation and during its use, please switch off anti-virus solutions and the local firewall so that Metasploit runs properly.
The last step is activating the Metasploit framework using the license key.
The Metasploit installer can be downloaded using the wget command.
Run the following command to set executable permission on the installer script.
chmod +x metasploit-latest-linux-x64-installer.run
As shown in the following snapshot, the installer script is executed in the terminal.
The installer opens the setup wizard of the Metasploit framework.
Click the Forward button and accept the agreement to continue the installation.
On the next prompt, choose a folder for the Metasploit installation. The default installation path is the /opt/metasploit directory.
Install Metasploit as a service so that it starts on each boot.
Disable the antivirus and firewall to start the Metasploit software.
The default SSL port of the Metasploit service is 3790. However, the user can change it during the installation process.
The generation of the SSL certificate for the Metasploit service is shown below.
As shown in the following screenshot, the Metasploit setup is ready to install on the Virtual Machine (VM).
The installation process starts, as shown below.
Finally, the setup wizard finishes and the Metasploit web user interface opens.
The welcome page after the setup wizard is shown below.
As shown in the above snapshot, visit the following URL to start using the Metasploit framework
The following exception shows that the connection is not secure. Therefore, add an exception and accept the Metasploit-generated certificate.
Adding a browser exception to accept the certificate.
Confirming the security exception to open the web interface over HTTPS.
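Before confirming the exception, the fingerprint the browser displays can be compared with the certificate the Metasploit service actually serves. The following script is an added example, not part of the original tutorial or of Rapid7's software; it assumes it is run on the Metasploit host itself against the default port 3790, and all function names are hypothetical.

```python
import hashlib
import hmac
import socket
import ssl
import sys

MSF_HOST = "127.0.0.1"  # assumption: script runs on the host where Metasploit is installed
MSF_PORT = 3790         # default SSL port named in this tutorial


def fingerprint(der_cert: bytes) -> str:
    """SHA-256 fingerprint in the colon-separated form browsers display."""
    digest = hashlib.sha256(der_cert).hexdigest().upper()
    return ":".join(digest[i:i + 2] for i in range(0, len(digest), 2))


def normalize(fp: str) -> str:
    """Keep only hex digits so 'AB:CD', 'ab cd' and 'abcd' compare equal."""
    return "".join(ch for ch in fp if ch in "0123456789abcdefABCDEF").upper()


def same_fingerprint(a: str, b: str) -> bool:
    """Constant-time comparison of two fingerprints in any common notation."""
    return hmac.compare_digest(normalize(a), normalize(b))


def fetch_der_cert(host: str = MSF_HOST, port: int = MSF_PORT, timeout: float = 5.0) -> bytes:
    """Fetch the served certificate without validating it (it is self-signed)."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False       # must be disabled before verify_mode is relaxed
    ctx.verify_mode = ssl.CERT_NONE  # we only want the bytes, trust is decided by comparison
    with socket.create_connection((host, port), timeout=timeout) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            return tls.getpeercert(binary_form=True)


if __name__ == "__main__":
    served = fingerprint(fetch_der_cert())
    print("SHA-256 of certificate served on port", MSF_PORT, "->", served)
    if len(sys.argv) > 1:  # fingerprint copied from the browser's certificate viewer
        ok = same_fingerprint(served, sys.argv[1])
        print("MATCH" if ok else "MISMATCH: do not add the exception")
        sys.exit(0 if ok else 1)
```

Pass the SHA-256 fingerprint from the browser's certificate details as the only argument; a mismatch means the browser is not talking to the certificate generated during installation.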
As shown in the following snapshot, create a user to access the web interface of the Metasploit framework.
The following figure shows the product key being entered to activate the software.
As shown in the following figure, the product is successfully activated and a restart of the Metasploit instance is required.
As shown in the following figure, the first project created in the Metasploit web interface is default.
Click on the name of the project to see more associated options.
The above screenshot shows an overview of the project, such as discovered hosts, services and vulnerabilities. The top menu shows the features available in the Metasploit framework; most of them require a paid license.
The following figure shows the scan feature of Metasploit, which discovers hosts in the network.
The address (192.168.1.1) is given in the target settings area with the default scan options.
Nmap is integrated with the Metasploit framework to perform host discovery. The progress of the Nmap scan is shown below.
Click on the Host option under the Analysis menu to view the scan result.
Details of the target are shown in the following figure. The target in this scan is a DSL router running a Linux 2.6.X kernel, and its hostname is Broadcom.Home.
Three services (dns, http and telnet) are open on the DSL router, and no vulnerability is found on the target.
Many features in the Community version of Metasploit are only available as a trial. As shown in the following few screenshots, the automatic exploitation, brute force and reporting features require a paid license.
Automatic Exploitation feature
The Nexpose (another Rapid7 project) plugin is also integrated; it detects vulnerabilities, prioritizes remediation and improves security outcomes. Nexpose is an alternative to the Nessus and OpenVAS security scanners.
The Metasploit framework is comprehensively explored in this tutorial and installed on the Ubuntu platform. It is ranked as a top security tool in the open source community and is used by security professionals to perform penetration testing.