Saturday, February 11

Metasploit Basics

"Metasploit" is an entire framework that provides the infrastructure needed to automate routine,and complex tasks.This will in turn allow you to enter into the system remotely through these security flaws........


Throughout our Pentesting we will come across the following basic technical terms


Vulnerability: it is a hole or weakness that will allows an attacker to break into a system


Exploit: is the means by which an attacker takes advantage of a flaw within a system,an application....


Ex:buffer overflows,web application vulnerabilities (SQL injection) etc


Payload: is the code that we want the system to execute and that is to be delivered by the framework..
in simple it is nothing but the actual code which runs on system after exploitation


Ex: payload will create a reverse connection from the victim machine to attacker machine and it will appear in victim machine as normal application..


Module: A piece of software that can be used by the Metasploit framework..


Listener: Is a component with in Metasploit framework that waits for an  incoming connection...


Shell code:Shell code is a set of instructions used as a payload when exploitation occurs.It is typically written in assembly language.