CHAPTER 6
Owning Metasploit
In this chapter, we are going to extend the content of the preceding chapter. You
know the basics of interacting with Metasploit. But Metasploit is a deep resource,
and so far we’ve managed to just scratch the surface. In this chapter, we’re going to
dig a little deeper. We’ll walk through an entire exploit from start to finish in the
process. This includes doing scans of a network looking for targets, and then running an
exploit to gain access. We’ll take another look at Meterpreter, the OS-agnostic
interface that is built into some of the Metasploit payloads. We’ll see how the payloads
work on the systems so you understand the process. We’ll also take a look at gaining
additional privileges on a system so we can perform other tasks, including gathering
credentials.
One last item that’s really important is pivoting. Once you have gained access to a
system in an enterprise, especially a server, you will likely find that it is connected to
other networks. These networks may not be accessible from the outside world, so
we’ll need to take a look at how to gain access from the outside world by using our
target system as a router and passing traffic through it to the other networks it has
access to. This is how we start moving deeper into the network, finding other targets
and opportunities for exploitation.
Ethical Note
As you are moving deeper into the network and exploiting
additional systems, you need to pay close attention to the scope of your
engagement. Just because you can pivot into another network and
find more targets doesn’t mean you should. Ethical considerations
are essential here.