Understand and use the Metasploit Framework for basic operations

Business Scenario

You are a Junior Security Analyst tasked with assessing a vulnerable test machine within a cybersecurity training environment. Your objective is to use the Metasploit Framework to identify an available exploit, configure the required parameters, and successfully gain access to the target system for educational purposes.

Pre-Lab Preparation

  • Kali Linux installed

  • Metasploitable 2 VM running

  • Network connectivity between both machines

  • Basic Linux command knowledge

Topic : Exploitation and Attack Techniques

1) Introduction to Metasploit Framework 

2) Basic exploitation techniques 

3) Password attacks basics

Pre-requisites

Task 1: Launch Metasploit Framework

Objective

1

Start and explore the Metasploit console.

Steps

a

  • Open Terminal in Kali Linux.

  • Start Metasploit:

Msfconsole

  • Wait for the framework to load.

b

Verify

Display framework version:

version

Screenshot showing successful launch of msfconsole.

Task 2: Explore Metasploit Components

Objective

1

Understand different module types.

Steps

a

List available exploits:

show exploits

List available payloads:

show payloads

List auxiliary modules:

show auxiliary

Task 3: Search for an Exploit

Objective

1

Find an exploit for a vulnerable service.

Steps

a

Search for VSFTPD exploit:

search vsftpd

Task 4: Configure Exploit Parameters

Objective

1

Set required options.

Steps

a

Display required settings:

show options
#Set target IP:
set RHOSTS <Target_IP>
#Verify configuration:
show options

Task 5: Understand Payloads

Objective

1

View available payloads.

Steps

a

Display required settings:

show payloads
#Select payload (if required):
set PAYLOAD cmd/unix/interact
#Verify settings:
show options

Great job! 


You have successfully completed your lab on Exploring Metasploit Components.

In this lab, you have: Understood the purpose of the Metasploit Framework, Explored the Metasploit console interface, Identified key components such as modules, payloads, exploits, and auxiliary tools, Learned how Metasploit organizes and manages different modules, Explored the basic commands used for navigation and information gathering within Metasploit.

You are now ready to move to the next stage of your cybersecurity learning journey.

Checkpoint

Next-Lab Preparation

Topic : Exploitation and Attack Techniques

1) Introduction to Metasploit Framework 

2) Basic exploitation techniques 

3) Password attacks basics