Metasploit Pro Offline Activation File
Herodes Hamilton
Recently I have gained interest in Kali, especially frameworks such as Metasploit. Let's assume that I only have one computer that does not have access to the internet. I want to learn how to use tools and frameworks in Kali such as Metasploit. I have found many books that explain how to get started in Metasploit. Is there any way that I can use my computer as both the attacker and the target while staying offline?
Yes, but instead of that use a Virtualisation software like VirtualBox or VMware to install the victim machine or attacker machine (you don't want a vulnerable machine connected to the internet directly).
Read books like Metasploit: The Penetration Tester's Guide, it is a great book written by the developer of Metasploit. However, a lot of functionality of Metasploit has changed since the release of the book and there is no updated version of it.
So, I would recommend reading Penetration Testing - A Hands-On Introduction to Hacking. It is relatively new and a good book.
Maximum books start with windows XP, but unfortunately, Microsoft has ended their support for Windows XP. So, you will have a hard time in finding XP setup. Even if you manage to find windows XP, the vulnerability listed in books will be patched (unless you are using some online Pen-Testing lab, I will come to this later).Then you will say "What is the use of reading this book", it will teach you the basics of following things, "How to exploit known vulnerabilities" and many other ways on "How you can compromise a system". In the coming chapters you will find, they will exploit some known vulnerabilities and gain access to system and will try to teach you some Post-Exploitation (i.e what to do when you have compromised a system). There is one whole chapter on "Post-Exploitation" but you will need to use few tricks of Post-Exploitation every once in a while.
You will find it frustrating that you can't do anything about a patched vulnerability. Below I will describe a small trick to compromise a computer, so you can enjoy some Post-Exploitation until coming chapters.
Transfer this file to victim machine and disable windows firewall and AV as it will be detected by any AV (this is not a good method to compromise a system but to learn some Post-Exploitation you can use it). Do not open the file wait till you are done with all the steps. Again open a terminal and type msfconsole use multi/handler set payload windows/meterpreter/reverse_tcp set LHOST XXX.XXX.XX.X set LPORT XXX run (do not close this terminal, here you will get your meterpreter session after running the file on victim machine) When you are done with all of the above steps you can go to victim machine and run the generated exe file.
1- Read how to setup your lab from the book carefully otherwise above generated exe file will not work.
2- You can get your ip address by typing ifconfig (all these things are mentioned in lab configuration section, so go through it).
3- Make sure you have entered same LHOST and LPORT value at the specified place.
You can also learn from SecurityTube about Metasploit in Megaprimer section. The videos are free to watch but can subscribe to them and you can get access to their online lab. Then you will not have to go through all the troubles described above. It's your choice.
The above-generated file will work for windows only. But you can also use vulnerable Linux distro like metasploitable. These are specially designed vulnerable Linux distro and you will find several tutorial and books on how to exploit metasploitable.
If your machines are online, you will be playing a dangerous game my professor used to call "You may be a felon if..." One small mistake, such as incorrectly typing an IP address or using or attacking a computer you don't own, could result in dire consequences. That can be punishable under the CFAA for major fines and prison time.
Virtual Machines:With the disclaimer out of the way, I would heavily recommend that you run both Kali Linux, and any target or other test machines in Oracle's Virtual Box. Virtal Box is a free software, you could also use VMWare, or any other virtualization software that allows for networking options. Once you have a operating system installed and updated on Virtual Box, you can click on the VM in the main window, then got to Settings -> Network. Make sure this reads "INTERNAL NETWORK." That will ensure that traffic can NOT leave the machine running Virtual Box.
The OS:I would recommend Windows XP SP0 for your initial target machine as it is particularly vulnerable. Support has ended for this software, but if you can manage to get yourself a copy it makes your early exploitation endeavors easy. There is also a vulnerable version of Linux called Metasploitable Linux that is a good testing machine for Linux attack vectors as well.
Further Learning:Should you have the oppertunity, I would setup a small netowrk of machines, possible with more advanced features such as Active Directory (or LDAP), DNS servers, and/or web servers to mess with Cross Site Scripting (XSS) using BeEF.
If you are an administrator, you should regularly check for available updates to Metasploit Pro. If you are using the web interface, notification center alerts you when a newer version is available to install.
After the update completes, Metasploit Pro prompts you to restart the back end services. If you restart the services, Metasploit Pro terminates active sessions and requires up to ten minutes to restart.
Rapid7 provides offline update files that you can use to safely update Metasploit without an Internet connection. For each major release, Rapid7 e-mails you the links and instructions that you need to update Metasploit. The links point you to bin files that you can download and save to a portable storage device or shared network location so that you can easily transfer the file to your Metasploit server.
In order to update Metasploit to the latest version, you must install each incremental release between your current version and the latest version. For example, if your current version of Metasploit is 4.5.2, you need to apply the 4.5.3 update before you can apply the 4.6 update. If you do not apply the updates sequentially, product dependencies may not be upgraded correctly and can cause issues with Metasploit.
Notification Center is the notification system for Metasploit Pro that alerts you when a task completes or when a software update is available. It displays as a dropdown banner from the Global Menu and provides a unified view of system-wide alerts for all projects.
The Notification Center icon displays the total number of new alerts that are available. All new notifications are highlighted with a green bar. You can click on a notification to access the associated page in the user interface. Most task and MetaModule notifications will take you to the Task log. All system notifications will take you to the Software Updates page.
Rapid7 provides open source installers for the Metasploit Framework on Linux, Windows, and OS X operating systems. The Metasploit installer ships with all the necessary dependencies to run the Metasploit Framework. It includes msfconsole and installs associated tools like John the Ripper and Nmap.
Anti-virus software detects the Metasploit Framework as malicious and may cause problems with the installation and runtime of Metasploit Framework. The Metasploit Framework exploits the same vulnerabilities that the anti-virus software detects. Therefore, when you install the Metasploit Framework, the anti-virus software interrupts the installation process and alerts you of the security risks that may infect the system.
If you intend to use the Metasploit Framework, you should disable any anti-virus software before you install Metasploit Framework. If you cannot disable the anti-virus software, you must exclude the Metasploit directory from the scan.
Local firewalls, including Windows Firewall, interfere with the operation of exploits and payloads. If you install the Metasploit Framework from behind a firewall, the firewall may detect the Metasploit Framework as malware and interrupt the download.
The installer provides a self-contained environment for you to run and update the Metasploit Framework. This means that all the necessary dependencies are installed and configured for you during the installation process. If you prefer to install the dependencies manually, and configure the Metasploit Framework to use those dependencies, read -the-metasploit-framework-on-ubuntu-linux
I am currently trying to get a reverse shell in the Shells & payloads (Live engagement section 2) section of HTB academy, currently I see that the blog is vulnerable to this LFI Lightweight facebook-styled blog 1.3 - Remote Code Execution (RCE) (Authenticated) (Metasploit) - PHP webapps Exploit however the machine from which I am running the payload does not have the metasploit module and I have not managed to clearly understand the code in Ruby, I am a novice, I appreciate if someone can give me a hand.
hew guys can anybody help me with the shell and payload live engagement i m one the last host-3. i found that was vulnerable to ms17-010 however when i try to get a meterpreter it keeps failing , i also found that i can upload aspx files directly to the host from the web so i thought of getting a webshell but still nothing
I can ping and have access to targets (on nomachine) but one way to have it on my PC is - reverse shell on NoMachine(10.129.183.214) and then i got access to targets too (ping etc) but i have only terminal. I dont have WebBrowser and nothing more, do you have the same? Thats enough to do all in this section? I should do tunneling proxy in firefiox? If not, what i can do to have all options in this task?
If you are an administrator, you should regularly check for available updates to Metasploit. If you are using the web interface, Notification Center alerts you when a newer version is available to install.
b37509886e