Chapter 6. Owning Metasploit
In this chapter, we are going to extend the content of the preceding chapter. You know the basics of interacting with Metasploit. But Metasploit is a deep resource, and, so far we’ve managed to just scratch the surface. In this chapter, we’re going to dig a little deeper. We’ll walk through an entire exploit from start to finish in the process. This includes doing scans of a network looking for targets, and then running an exploit to gain access. We’ll take another look at Meterpreter, the OS-agnostic interface that is built into some of the Metasploit payloads. We’ll see how the payloads work on the systems so you understand the process. We’ll also take a look at gaining additional privileges on a system so we can perform other tasks, including gathering credentials.
One last item that’s really important is pivoting. Once you have gained access to a system in an enterprise, especially a server, you will likely find that it is connected to other networks. These networks may not be accessible from the outside world, so we’ll need to take a look at how to gain access from the outside world by using our target system as a router and passing traffic through it to the other networks it has access to. This is how we start moving deeper into the network, finding other targets and opportunities for exploitation.
As you are moving deeper into the network and exploiting additional systems, you need to pay close attention to the scope of your engagement. ...