So, I have been lucky enough to be working my way through this newly released book, Metasploit5 Basics for Hackers by Occupy the Web, who you know I am a fan of from ‘Linux Basics for Hackers’ by Occupy the Web & No Starch Press (Review), ‘Getting Started Becoming a Cyber Warrior’ by Occupy the Web (Review) and An Interview with Hacker & Author Occupy the Web.
Metasploit 5 was released at the end of 2019 and brings many new features, including new database and automation APIs, evasion modules and libraries, language support, improved performance, and ease-of-use.
As the first major Metasploit release since 2011, Metasploit 5.0 brings many new features, as well as a fresh release cadence.
Metasploit users can now:
- Run the PostgreSQL database by itself as a RESTful service, which allows for multiple Metasploit consoles and external tools to interact with it.
- Parallel processing of the database and regular msfconsole operations improves performance by offloading some bulk operations to the database service.
- A JSON-RPC API enables users to integrate Metasploit with additional tools and languages.
- This release adds a common web service framework to expose both the database and the automation APIs; this framework supports advanced authentication and concurrent operations. Read more about how to set up and run these new services here.
- Add evasion module type and libraries to let users generate evasive payloads without having to install external tools. Read the research underpinning evasion modules here. Rapid7’s first evasion modules are here.
- The metashell feature allows users to run background sessions and interact with shell sessions without needing to upgrade to a Meterpreter session.
- External modules add Metasploit support for Python and Go in addition to Ruby.
- Any module can target multiple hosts by setting RHOSTS to a range of IPs, or by referencing a hosts file with the file:// option. Metasploit now treats RHOST and RHOSTS as identical options.
- An updated search mechanism improves Framework start time and removes database dependency.
And now onto the book.
This volume, “Metasploit5 Basics for Hackers,” is meant to fill a gap in the industry for simple to use instruction on employing the open source exploitation framework, Metasploit, for penetration testing.
The book covers the following topics.
- Section 1: Getting Started
- Section 2: Metasploit Under the Hood
- Section 3: The Hacking/Exploitation Process
- Section 4: IoT Exploitation with Metasploit
- Section 5: Post Exploitation
- Section 6: Creating Custom Payloads in Metasploit
- Section 7: Metasploit Miscellaneous
Getting Started is Section 1, and we cover ‘Preparing for your Penetration Test’ and ‘Getting Started with Metasploit’, which is pretty much straightforward, from what Metasploit is to how it works.
Section 2 is Under the Hood, where there are the chapters ‘Under the Hood of Metasploit’, ‘Metasploit Payloads’, ‘Connecting and Using the postgresql Database’, ‘The Armitage GUI’ and ‘Adding a New Module to Metasploit’.
As always, a great section, but as with all his books he has a great way of explaining things, which I really like. For instance: “In machine language, a NOP is short for “no operation.” This causes the system’s CPU to do nothing for a clock cycle.”
I don’t want to go through the book chapter by chapter, but you get the following chapters as well through the book.
- Scanning and Vulnerability Assessment
- Exploiting File Format Vulnerabilities
- Exploiting an Email Server
- Web Delivery to Windows Powershell
- SCADA/ICS Hacking in Metasploit
- Exploiting the modbus protocol
- Exploiting the Human Machine Interface (HMI)
- Automobile Hacking with Metasploit
- Post Exploitation Section 7 (Web Cam, Microphone, mimikatz)
- Pivoting to Control the Network
- Creating Custom Payloads with msfvenom
- Gaining Control when You Have Physical Access
- Android Hacking with Metasploit
- The New Evasion Modules
- Updating the msfconsole
And YES, you did see both ‘Automobile Hacking with Metasploit’ and ‘Android Hacking with Metasploit’ in the chapters above, which are fascinating.
This book covers interesting Metasploit topics which are useful in the exploitation phase of target machines. A decent primer if you’ve never touched Metasploit or want to learn more about it in depth.
As always, Occupy the Web is very good with in-depth explanation. He discusses everything that you should know about Metasploit and explains the phases of hacking. It is complete, from information gathering at the beginning to post exploitation at the end.
Occupy the Web = https://www.hackers-arise.com/
Occupy the Web Twitter = https://twitter.com/three_cube