Infrastructure testing with MSF

Penetration testing of the corporate network using Metasploit

Karol Mazurek

--

INTRODUCTION

During a full penetration test of the corporate network, you will need many tools to accomplish different tasks to find and exploit vulnerabilities. You will usually find yourself in a situation where you have to manage many sessions simultaneously. Imagine a scenario where you compromised ten hosts and want to switch between them quickly. Additionally, a few of these hosts are placed within the internal network, so you will need to pivot through one of the compromised systems (a bastion). Although it is possible, it would be hard to accomplish those tasks in a single terminal window. Fortunately, there is a solution: the Metasploit Framework.

WHAT WILL YOU LEARN?

In this article, you will learn how to use the Metasploit Framework as a Command and Control center during a penetration testing assessment of a corporate network. Although this guide focuses on the Metasploit Framework, you will also find other tools and techniques that can be used to improve the quality of the test.

0. PREPARE THE ENVIRONMENT

  • To use the full potential of the Metasploit Framework and save the results of scanning & looting during the penetration tests, you have to initialize the msfdb:

### START UP THE POSTGRESQL SERVER
systemctl start postgresql
# OR
sudo service postgresql start
### INITIALIZE THE MSF DATABASE
sudo msfdb init
### RUN METASPLOIT (sudo if you want to bind the restricted port 443)
msfconsole
### CHECK DATABASE CONNECTION (RESPONSE => [*] Connected to msf.)
db_status
### SET WORKSPACE
workspace -a <project_name>

  • From now on, any scan or import from 3rd party applications will be saved into the initialized database in the <project_name> workspace.
  • It is a good habit to update your tools before using them:

sudo apt update
sudo apt upgrade metasploit-framework nmap
sudo nmap --script-updatedb
sudo /opt/nessus/sbin/nessuscli update --all
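The setup above is typed by hand in the article; as an added example (not from the original post), the script below drives the same steps non-interactively with msfconsole's -x option and checks the db_status output instead of eyeballing it. The workspace name and the sample outputs are constructed for demonstration; msf_prepare_workspace assumes a real Metasploit install and is not run here.

```shell
#!/bin/sh
# Added example: scripted version of the "prepare the environment" steps.

# Return 0 when db_status output reports a live database connection.
msf_db_is_connected() {
  printf '%s\n' "$1" | grep -q 'Connected to msf'
}

# Console command string for msfconsole -x: check the DB, create and
# select the workspace, list workspaces (current one is starred), leave.
msf_setup_commands() {
  printf 'db_status; workspace -a %s; workspace; exit' "$1"
}

# Full setup for one engagement (requires Metasploit and PostgreSQL).
msf_prepare_workspace() {
  ws="$1"
  sudo service postgresql start || sudo systemctl start postgresql
  sudo msfdb init
  # -q suppresses the banner so the output is easy to inspect
  out=$(msfconsole -q -x "$(msf_setup_commands "$ws")" 2>&1)
  if msf_db_is_connected "$out"; then
    echo "OK: msf database connected, workspace '$ws' selected"
  else
    echo "FAIL: msfconsole could not reach the database:" >&2
    printf '%s\n' "$out" >&2
    return 1
  fi
}

# Constructed sample db_status lines used to exercise the check offline.
SAMPLE_OK='[*] Connected to msf. Connection type: postgresql.'
SAMPLE_BAD='[*] postgresql selected, no connection'
```

Run msf_prepare_workspace acme_internal on the testing box; a non-zero exit means the results of the later scans would not be stored.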

1. RECONNAISSANCE PHASE

The first stage of penetration tests — to make a long story short it is gathering
