1
00:00:00,300 --> 00:00:05,010
Now, I think one can more easily understand the Metasploit architecture by taking a look under its

2
00:00:05,010 --> 00:00:07,800
hood and learning how to use Metasploit.

3
00:00:08,130 --> 00:00:12,300
It's better to take some time to make ourselves familiar with its file system.

4
00:00:13,900 --> 00:00:16,540
So let's go to Kali and open a terminal screen.

5
00:00:17,910 --> 00:00:22,650
To find the location of Metasploit Framework, I use the locate command.

6
00:00:26,290 --> 00:00:31,270
So here is the Metasploit Framework home. Use the cd command to go there.

7
00:00:35,490 --> 00:00:40,860
And the ls command to see the files and folders inside the Metasploit home folder.

8
00:00:42,640 --> 00:00:43,510
So look at this.

9
00:00:43,540 --> 00:00:48,490
There are executables and directories, and of course, I'm in folders here.

10
00:00:49,620 --> 00:00:52,920
So note that near the bottom, there's a directory called scripts.

11
00:00:53,580 --> 00:00:59,250
Now this includes, among other things, Meterpreter scripts such as hashdump that enables us to gather

12
00:00:59,250 --> 00:01:01,530
user hashes of the exploited system.

13
00:01:02,340 --> 00:01:08,250
Also note the executables msfconsole, msfupdate, msfvenom and more.

14
00:01:08,970 --> 00:01:16,950
msfvenom is the Metasploit standalone payload generator, and we're going to see msfconsole and

15
00:01:16,950 --> 00:01:18,750
msfupdate in detail.

16
00:01:20,040 --> 00:01:22,590
So let us now explore the Metasploit modules.

17
00:01:23,490 --> 00:01:25,710
These are the blood and guts of Metasploit.

18
00:01:26,370 --> 00:01:32,310
Use the cd command to enter the modules directory and the ls command to see the files.

19
00:01:34,010 --> 00:01:39,590
Now, I hope you're seeing what I'm seeing, because Metasploit contains multiple modules, so these

20
00:01:39,590 --> 00:01:45,200
include the source codes which exploit the vulnerabilities; they are in the exploits folder.

21
00:01:46,790 --> 00:01:52,100
And as I told you before, the payload is the portion of the malware which performs malicious action.

22
00:01:52,670 --> 00:01:55,070
The payloads are located in the payloads folder.

23
00:01:56,350 --> 00:02:03,370
Encoders inside the encoders folder are the various algorithms and encoding schemes that Metasploit

24
00:02:03,370 --> 00:02:05,830
can use to re-encode the payloads.

25
00:02:06,700 --> 00:02:11,950
These may be used to bypass the security measures such as IDS, IPS or firewalls.

26
00:02:12,760 --> 00:02:17,740
Auxiliary modules are for a variety of purposes other than exploitation.

27
00:02:18,460 --> 00:02:23,320
You can create your own quick vulnerability scanners, port scanners and do a whole lot of other cool

28
00:02:23,320 --> 00:02:23,680
stuff.

29
00:02:24,830 --> 00:02:32,060
Modules used for post-exploitation are in the post folder, and as I told you before, the post-exploitation

30
00:02:32,570 --> 00:02:40,340
basically uses the exploited system as much as possible so we can collect more data and compromise more

31
00:02:40,340 --> 00:02:42,050
systems in the target network.

32
00:02:43,650 --> 00:02:50,730
And here is no operation, abbreviated NOP. Modules inside the nops folder

33
00:02:51,270 --> 00:02:57,550
keep the payload sizes consistent. So let's look inside the exploits folder in detail.

34
00:02:58,260 --> 00:03:04,530
Again, the cd command to get in, the ls command to look at the files and folders inside.

35
00:03:05,590 --> 00:03:11,140
The exploits folder is basically broken down into subdirectories that are specific to the operating

36
00:03:11,140 --> 00:03:12,670
system and device types

37
00:03:12,940 --> 00:03:20,080
we're attempting to exploit. For instance, you can see at the top the aix folder, which contains the

38
00:03:20,080 --> 00:03:28,390
exploits developed for IBM's proprietary Unix operating system, and the multi folder contains the exploits

39
00:03:28,390 --> 00:03:30,790
which run in cross platforms.

40
00:03:32,420 --> 00:03:41,120
So to drill down further into the exploit folder, I want to go to windows and ls to see the folder details.

41
00:03:42,260 --> 00:03:47,060
Now we can see that the Windows exploits are broken down into types of Windows exploits.

42
00:03:47,630 --> 00:03:51,650
It's important to note that the exploits are very specific.

43
00:03:52,490 --> 00:04:00,200
Not only are they operating system specific, but also application or service specific, port specific

44
00:04:00,470 --> 00:04:02,720
and sometimes even language specific.

45
00:04:04,030 --> 00:04:06,970
So let's look inside one of the subfolders here.

46
00:04:07,540 --> 00:04:09,430
I'll choose the smb folder.

47
00:04:10,420 --> 00:04:13,360
And here are the exploit codes for the SMB service.

48
00:04:13,790 --> 00:04:18,460
psexec, for example, is one of them, which we will be using in this course.

49
00:04:19,490 --> 00:04:22,280
So now let's turn back to the modules folder.

50
00:04:26,740 --> 00:04:28,960
Now I'd like to show you the payloads folder.

51
00:04:30,740 --> 00:04:36,680
Now, if you can see here, the payloads are grouped by the types: singles, stagers and stages.

52
00:04:37,190 --> 00:04:38,990
We'll talk about them in the following lectures.

53
00:04:39,860 --> 00:04:43,730
Now let's see what's inside the subfolders, for example, singles.

54
00:04:44,570 --> 00:04:49,970
And once again, we can see that the Metasploit Framework categorizes the payloads by operating system

55
00:04:49,970 --> 00:04:50,840
and device types.

56
00:04:51,500 --> 00:04:57,050
I'll go to the generic folder and list the files and folders with the ls command.

57
00:04:57,470 --> 00:05:00,050
And here are the source codes of the generic payload.