上QQ阅读APP看书,第一时间看更新
Recalling the basics of Metasploit
After we run Metasploit, we can list all the useful commands available in the framework by typing help or ? in the Metasploit console. Let's recall the basic terms used in Metasploit, which are as follows:
- Exploits: This is a piece of code that, when executed, will exploit the vulnerability of the target.
- Payload: This is a piece of code that runs at the target after successful exploitation. It defines the actions we want to perform on the target system.
- Auxiliary: These are modules that provide additional functionalities such as scanning, fuzzing, sniffing, and much more.
- Encoders: Encoders are used to obfuscate modules to avoid detection by a protection mechanism such as an antivirus or a firewall.
- Meterpreter: Meterpreter is a payload that uses in-memory DLL injection stagers. It provides a variety of functions to perform at the target, which makes it a popular choice.
Now, let's recall some of the basic commands of Metasploit that we will use in this chapter. Let's see what they are supposed to do:
Let's have a look at the basic Meterpreter commands as well:
Since we have now recalled the basics of Metasploit commands, let's have a look at the benefits of using Metasploit over traditional tools and scripts in the next section.
If you are using Metasploit for the very first time, refer to https://www.offensive-security.com/metasploit-unleashed/msfconsole-commands/ for more information on basic commands.