You are on page 1of 3

Metasploit Project

The Metasploit Project is a computer security project which provides information about security vulnerabilities and aids in penetration testing and IDS signature development. Its most well-known sub-project is the open-source Metasploit Framework, a tool for developing and executing exploit code against a remote target machine. Other important sub-projects include the Opcode Database, shellcode archive, and security research. The Metasploit Project is also well known for anti-forensic and evasion tools, some of which are built into the Metasploit Framework.

History
Metasploit was created by HD Moore in 2003 as a portable network tool using the Perl scripting language. [2] Later, the Metasploit Framework was completely rewritten in the Ruby programming language. On [3] October 21, 2009 the Metasploit Project announced that it had been acquired by Rapid7, a security company that provides unified vulnerability management solutions. Like comparable commercial products such as Immunity's Canvas or Core Security Technologies' Core Impact, Metasploit can be used to test the vulnerability of computer systems to protect them or to break into remote systems. Like many information security tools, Metasploit can be used for both legitimate and unauthorized activities. Since the acquisition of the Metasploit Framework, Rapid7 has added two open core proprietary editions called Metasploit Express and Metasploit Pro. Metasploit's emerging position as the de facto exploit development framework has led in recent times to the release of software vulnerability advisories often accompanied by a third party Metasploit exploit [5][6] module that highlights the exploitability, risk, and remediation of that particular bug. Metasploit 3.0 (Ruby language) is also beginning to include fuzzing tools, used to discover software vulnerabilities, rather than just exploits for currently public bugs. This new avenue has been seen with the integration of the lorcon wireless (802.11) toolset into Metasploit 3.0 in November 2006. Metasploit 4.0 was released in August 2011.
[4]

Page 1 of 3

To choose an exploit and payload. Choosing and configuring an exploit (code that enters a target system by taking advantage of one of its bugs. The web interface is intended to be run from the attacker's computer. 2. This modularity of allowing to combine any exploit with any payload is the major advantage of the Framework: it facilitates the tasks of attackers. exploit writers. 3. Choosing the encoding technique to encode the payload so that the intrusion-prevention system (IPS) will not catch the encoded payload. Checking whether the intended target system is susceptible to the chosen exploit (optional). and also on Windows. Choosing and configuring a payload (code that will be executed on the target system upon successful entry. Metasploit runs on all versions of Unix (including Linux and Mac OS X). [citation needed] Page 2 of 3 . Vulnerability scanners such as NeXposeor Nessus can detect the target system vulnerabilities. 4. for instance. Metasploit can import vulnerability [7] scan data and compare the identified vulnerabilities to existing exploit modules for accurate exploitation. some information about the target system is needed. Executing the exploit. and payload writers. This information can be gleaned with port scanning and OS fingerprinting tools such as nmap. Unix/Linux and Mac OS X systems are included). 5.Metasploit Framework The basic steps for exploiting a system using the Framework include: 1. about 800 different exploits for Windows. a remote shell or a VNC server). It includes two command-line interfaces. such as operating system version and installed network services. The Metasploit Framework can be extended to use external add-ons in multiple languages. a web-based interface and a native GUI.

This allows one to write buffer overflow exploits which work across different versions of the target operating system. social engineering campaigns. an open-core commercial edition for security teams who need to verify vulnerabilities. [edit]Shellcode Database The Shellcode database contains the payloads (also known as shellcode) used by the Metasploit Framework. it offers a graphical user interface. Page 3 of 3 . including:   Command shell enables users to run collection scripts or run arbitrary commands against the host. module browsing. and manual exploitation. [edit]Payloads Metasploit offers many types of payloads.Built on the Metasploit Framework. [edit]Metasploit Express In April 2010. and they are all documented and conveniently searchable in the Opcode Database. [edit]Metasploit Pro In October 2010. Rapid7 added Metasploit Pro. and adds smart bruteforcing as well as automated evidence collection. web-based user interface for Metasploit. an open-core commercial Metasploit edition for penetration testers. a free. upload and download files. Metasploit Community is included in the main installer. Metasploit Pro includes all features of Metasploit Express and adds web application scanning and exploitation. Rapid7 released Metasploit Express. These positions differ in the various versions and patch-levels of a given operating system. Metasploit Community is based on the commercial functionality of the paid-for editions with a reduced set of features. Rapid7 released Metasploit Community Edition. Buffer overflow exploits on Windows often require precise knowledge of the position of certain machine language opcodes in the attacked program or included DLLs. [edit]Opcode Database The Opcode Database is an important resource for writers of new exploits. integrates nmap for discovery. and VPN pivoting. These are written in assembly language and full source code is available. Meterpreter enables users to control the screen of a device using VNC and to browse.Metasploit Community Edition In October 2011. including network discovery.