-
Metasploit is a powerful tool that facilitates the exploitation process. The exploitation process comprises three main steps; finding the exploit, customizing the exploit, and exploiting the vulnerable service.
-
Metasploit provides many modules that you can use for each step of the exploitation process. Through this repo, we have seen the basic components of Metasploit and their respective use.
-
We also had used the
ms17_010_eternalblueexploit to gain access to the target machine.
-
You should now have a better understanding of how Metasploit can help you identify potential vulnerabilities on target systems and exploit these vulnerabilities.
-
You have also seen how the database feature can help you with penetration testing engagements where you have multiple potential targets.
-
Finally, you should have gained some experience with msfvenom and the creation of stand-alone Meterpreter payloads.
-
This is especially helpful in situations where you can upload a file to the target system or have the ability to download files to the target system.
-
Meterpreter is a powerful tool that offers a lot of easy to use features during the post-exploitation phase.
-
We have seen how in-memory payloads can be used for post-exploitation.