For this lesson, you'll need a Kali VM (VMware, running locally).
Metasploit is a framework that has been developed over the last 20 years that allows for the automation of reconnaissance, exploitation, and post-exploitation. It’s extensible and new modules are constantly being released that automate the process of vulnerability assessment and penetration testing.
This episode of Darknet Diaries is really good. It's an interview with the creator of Metasploit. Metasploit has been a very controversial subject over the last couple of decades. It's great to provide security professionals with tools that automate exploitation, but at the same time these tools are just as available to the bad guys.
There's been a shift in recent years towards 'responsible disclosure.' When a vulnerability is discovered (a zero-day, a key term for this lesson), security professionals and independent researchers like bug-bounty hunters will go through a process like this:
- The vendor will be notified first and given time to patch
- Once a reasonable amount of time has passed, the disclosure will be made public.
- This public disclosure gives individuals and companies running unpatched systems the critical heads-up they need to make sure they are secure.
I think the Darknet Diaries episode above does a really good job of illustrating what has gone on in the cybersecurity industry to bring about this acceptance of the responsible disclosure process. Metasploit has played a big role here!
In this lab:
- We’ll work with Metasploit to utilize a built-in exploit module that ships with the framework.
- We'll then download a recently disclosed exploit (recent as of the writing of this lesson), add it to Metasploit manually, and compromise a machine affected by the recently disclosed vulnerability.
Part 1: EternalBlue
- EternalBlue is a computer exploit developed by the U.S. National Security Agency (NSA). It was leaked by the Shadow Brokers hacker group on April 14, 2017.
- Another great Darknet Diaries episode that elaborates on what went down in April of 2017 can be found by clicking here.
- The NSA had this exploit tucked neatly away for years. The unauthorized release of these NSA tools in 2017 was a really big deal at the time.
- Most systems will already be patched against the first exploit we'll run here, but the walkthrough still provides an excellent example of how to use the Metasploit framework.
Metasploit is an open-source project that can be found on GitHub, but it ships by default with Kali Linux. Let’s start it as the root user. Type:
sudo su
msfconsole

When you start Metasploit, it prints a summary of the 'modules' that are available, broken down by type (exploits, auxiliary, post, payloads, encoders, nops, evasion) along with the framework version.
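Because new modules land constantly, it is worth recording that startup summary each time you update Kali so you can see what changed. The following is an added example, not part of the original lesson or of the Metasploit project: a small parser for the banner summary that msfconsole prints, plus a helper that diffs two snapshots. The banner text below is constructed for illustration (its layout follows the usual msfconsole banner, but the version string and counts are made up), and the `parse_banner` and `module_delta` names are my own.

```python
import re
from dataclasses import dataclass
from typing import Dict

# Constructed sample of the summary msfconsole prints at startup. It is not
# captured from a real session; the version and counts are illustrative only.
SAMPLE_BANNER = """\
       =[ metasploit v6.3.4-dev                          ]
+ -- --=[ 2294 exploits - 1201 auxiliary - 409 post       ]
+ -- --=[ 968 payloads - 45 encoders - 11 nops            ]
+ -- --=[ 9 evasion                                       ]
Metasploit tip: Use help <command> to learn more about any command
"""

# The version line reads "metasploit vX.Y.Z[-suffix]".
VERSION_RE = re.compile(r"metasploit v(\S+)")
# Each module type appears as "<count> <type>" somewhere in the banner lines.
COUNT_RE = re.compile(
    r"(\d+) (exploits|auxiliary|post|payloads|encoders|nops|evasion)\b"
)


@dataclass
class BannerSummary:
    """Framework version plus a module-type -> count table."""
    version: str
    modules: Dict[str, int]


def parse_banner(text: str) -> BannerSummary:
    """Extract the version and per-type module counts from a banner dump.

    Raises ValueError if no version line is present, since a banner without
    one is probably not msfconsole output at all (for example a pager or a
    stray error message)."""
    match = VERSION_RE.search(text)
    if match is None:
        raise ValueError("no 'metasploit vX.Y.Z' line found in banner text")
    counts = {kind: int(n) for n, kind in COUNT_RE.findall(text)}
    return BannerSummary(version=match.group(1), modules=counts)


def module_delta(old: BannerSummary, new: BannerSummary) -> Dict[str, int]:
    """Per-type change in module counts between two snapshots (new minus old).

    Types missing from one snapshot count as zero, so a module type that is
    introduced or dropped between versions still shows up in the result."""
    kinds = set(old.modules) | set(new.modules)
    return {
        kind: new.modules.get(kind, 0) - old.modules.get(kind, 0)
        for kind in sorted(kinds)
    }


if __name__ == "__main__":
    # Typical use: save the banner before and after an update, then compare.
    before = parse_banner(SAMPLE_BANNER)
    after = parse_banner(SAMPLE_BANNER.replace("2294 exploits", "2310 exploits"))
    print(f"version {before.version} -> {after.version}")
    for kind, change in module_delta(before, after).items():
        print(f"{kind:>10}: {change:+d}")
```

To feed it real data, capture the banner non-interactively (for example by running `msfconsole -q` is quiet, so use the normal banner and pipe it to a file with `msfconsole -x "exit" > banner.txt`) and pass the file contents to `parse_banner`. The regexes are deliberately tolerant of the ASCII-art spacing, which shifts between releases, but they assume the English type names shown above.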