Wednesday, February 1, 2012

Metasploit at Glance

There're a lot of explanation of metasploit out there. Buy I'll try to explain it with my point of view.

Metasploit is the name of a project and a framework. 
a. Metasploit Project
Metasploit   project   is   an   open-source,   computer   security   project   that provides information about security vulnerabilities and aids in penetration testing. Some of its sub-projects are the famous metasploit framework, opcode database, shellcode archive, and security research. Simply, metasploit project is the procjet or activity around computer security section and the one that created metasploit framework.

b. Metasploit Framework
Metasploit framework is the sub-project from metasploit project. It is a powerfull exploitation toolkit developed by H.D Moore  in 2003.  At first  it  is only used for portable network tools developed using Perl language, and then as time passed by more programming language used to develop it, both the framework itself and the exploit. The   architecture   of   the   framework   is didived   into  three categories : libraries, interfaces (msfcli,msfconsole,msfgui), and modules(exploits,   payloads,  auxiliaries, encoders, nops). Each with its own meaning and purpose.

Lets know more about the modules :
a. Exploit
Exploit is a proof-of-concept code developed to attack a certain vulnerable point on a system.
b. Payload
Payload is the part of an exploit to run malicious programs or commands on an exploited system.
c. Auxiliaries
Auxiliaries   are   the   set   of   tools   integrated   in  metasploit   framework to   do scanning, sniffing, fingerprinting and other security assessment task.
d. Encoders
Encoders is the tools to encode the payload code to evade the detection of AV, IDS, IPS and other defensife software.
e. NOP Stands for (No Operation or No Operation Performed) is an assembly language instruction   often   added   to   a   shellcode   to   perform  nothing   but   to cover a consistent payload space. 

The   interfaces   (msfcli,   msfconsole,msfgui)   have   its   own   strengths and weaknesses.  However,   the most  advanced and most  handy one  is  the msfconsole because it suports most of the framework features.

"the quieter you become, the more you are able to hear.."

2 comments:

Unknown said...

Metasploit network security software,Thanks for sharing such an informative article.

Download Metasploit network security software

Unknown said...

plz plz whare i can download this book wrote for English help plz

Post a Comment