
Saturday, 26 January 2019

Metasploit Object Model, Mixins and Plugins | Metasploit Tutorials

About Metasploit Object Model: Understanding the Metasploit Object Model
Metasploit Framework architecture
   In the Metasploit Framework, all modules are Ruby classes:
    * Modules inherit from the type-specific class
    * The type-specific class inherits from the Msf::Module class
    * There is a shared common API between modules

   Payloads are slightly different:
    * Payloads are created at runtime from various components
    * Glue together stagers with stages

Metasploit Mixins and Plugins
   A Quick Diversion into Ruby:
    * Every Class only has one parent
    * A class may include many Modules
    * Modules can add new methods
    * Modules can overload old methods
    * Metasploit modules inherit Msf::Module and include mixins to add features.

   Metasploit Mixins
      Mixins are quite simply, the reason why Ruby rocks:
    * Mixins include one class into another
    * This is both different and similar to inheritance
    * Mixins can override a class’ methods

      Mixins can add new features and allow modules to have different ‘flavors’:
    * Protocol-specific (HTTP, SMB)
    * Behaviour-specific (brute force)
    * connect() is implemented by the TCP mixin
    * connect() is then overloaded by FTP, SMB, and others

      Mixins can change behavior:
    * The Scanner mixin overloads run()
    * Scanner changes run() for run_host() and run_range()
    * It calls these in parallel based on the THREADS setting

    * The BruteForce mixin is similar
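
The mixin behaviour listed above (connect() supplied by a TCP mixin and overloaded by a protocol mixin, run() overloaded by a scanner mixin that calls run_host() in parallel according to THREADS), as an added Ruby example that is not Metasploit's own code. All Toy* names and demo_scan are hypothetical, the target addresses are constructed, and nothing touches the network.

```ruby
# Toy model of the mixin behaviour above; Toy* names are hypothetical, no network I/O.
class ToyModule                         # stands in for Msf::Module
  attr_reader :datastore
  def initialize(opts = {})
    @datastore = { 'THREADS' => 1, 'RHOSTS' => [] }.merge(opts)
  end
  def run; raise NotImplementedError, 'overloaded by a mixin'; end
end

module ToyTcp                           # protocol mixin: implements connect()
  def connect(host)
    "tcp:#{host}"
  end
end

module ToyFtp                           # overloads connect(), reuses TCP via super
  include ToyTcp
  def connect(host)
    "#{super}+ftp"
  end
end

module ToyScanner                       # behaviour mixin: overloads run()
  def run
    pending = datastore['RHOSTS'].each_with_object(Queue.new) { |h, q| q << h }
    results = Queue.new                 # thread-safe result collector
    workers = Array.new(datastore['THREADS']) do
      Thread.new do
        while (host = (pending.pop(true) rescue nil))  # ThreadError when empty ends loop
          results << [host, run_host(host)]
        end
      end
    end
    workers.each(&:join)
    Array.new(results.size) { results.pop }.sort
  end
end

class ToyFtpScanner < ToyModule         # one parent class, two mixins
  include ToyFtp
  include ToyScanner
  def run_host(host)
    connect(host)                       # resolves to ToyFtp#connect
  end
end

def demo_scan(threads, hosts = %w[192.0.2.1 192.0.2.2 192.0.2.3])  # constructed targets
  ToyFtpScanner.new('THREADS' => threads, 'RHOSTS' => hosts).run
end
```

ToyFtpScanner.ancestors shows the lookup order Ruby uses: the class itself, then the most recently included mixin, then earlier mixins, then the parent class.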

   Metasploit Plugins
      Plugins work directly with the API:
    * They manipulate the framework as a whole
    * Plugins hook into the event subsystem
    * They automate specific tasks that would be tedious to do manually

      Plugins only work in the msfconsole:
    * Plugins can add new console commands
    * They extend the overall Framework functionality

   Example


Saturday, 5 January 2019

Metasploit Modules and Locations | Metasploit Tutorials

Metasploit Framework Modules and Locations | Metasploit Tutorials
Almost all of your interaction with Metasploit will be through its many modules, which it looks for in two locations. The first is the primary module store under /usr/share/metasploit-framework/modules/ and the second, which is where you will store custom modules, is under your home directory at ~/.msf4/modules/.

All Metasploit modules are organized into separate directories, according to their purpose. A basic overview of the various types of Metasploit modules is shown below.

Exploits: In the Metasploit Framework, exploit modules are defined as modules that use payloads.

Auxiliary: Auxiliary modules include port scanners, fuzzers, sniffers, and more.

Payloads, Encoders and Nops: Payloads consist of code that runs remotely, while encoders ensure that payloads make it to their destination intact. Nops keep the payload sizes consistent across exploit attempts.

Loading Additional Module Trees
   Metasploit gives you the option to load modules either at runtime or after msfconsole has already been started. Pass the -m option when running msfconsole to load additional modules at runtime.

   If you need to load additional modules from within msfconsole, use the loadpath command.

Wednesday, 2 January 2019

Metasploit Filesystem and Libraries | Metasploit Tutorials

Metasploit Framework Filesystem and Libraries

Understanding the Metasploit Framework Architecture
   One can more easily understand the Metasploit architecture by taking a look under its hood. In learning how to use Metasploit, take some time to make yourself familiar with its filesystem and libraries. In Kali Linux and other distros (like Parrot Security OS), Metasploit is provided in the metasploit-framework package and is installed in the /usr/share/metasploit-framework directory.

Metasploit Framework Filesystem
   The Metasploit Framework filesystem is laid out in an intuitive manner and is organized by directory. Some of the more important directories are briefly outlined below.

   data directory: The data directory contains editable files used by Metasploit to store binaries required for certain exploits, wordlists, images, and more.
   documentation directory: As its name suggests, the documentation directory contains the available documentation for the framework.
   lib directory: The lib directory contains the ‘meat’ of the framework code base.
   modules directory: The modules directory is where you will find the actual MSF modules for exploits, auxiliary and post modules, payloads, encoders, and nop generators.
   plugins directory: As you will see later in this course, Metasploit includes many plugins, which you will find in this directory.
   scripts directory: The scripts directory contains Meterpreter and other scripts.
   tools directory: The tools directory has various useful command-line utilities.

Metasploit Libraries:
   There are a number of MSF libraries that allow us to run our exploits without having to write additional code for rudimentary tasks, such as HTTP requests or encoding of payloads. Some of the most important libraries are outlined below.

   Rex
    * The basic library for most tasks.
    * Handles sockets, protocols, text transformations, and others.
    * SSL, SMB, HTTP, XOR, Base64, Unicode.

   Msf::Core
    * Provides the ‘basic’ API.
    * Defines the Metasploit Framework.

   Msf::Base
    * Provides the ‘friendly’ API.
    * Provides simplified APIs for use in the Framework.

Monday, 31 December 2018

Requirements to build Metasploit Lab Environment | Metasploit Tutorials

Launching msfconsole

Prepare your Metasploit Lab Environment
   Before learning how to use the Metasploit Framework, we first need to make sure that our setup will meet or exceed the system requirements outlined in the following sections. Taking the time to properly prepare your Metasploit Lab Environment will help eliminate many problems before they arise later in the course. We highly recommend using a system that is capable of running multiple virtual machines to host your labs.

Hardware Requirements for Metasploit Lab
   All of the values listed below are estimated or recommended. You can get away with less in some cases but be aware that performance will suffer, making for a less than ideal learning experience.

   Hard Drive Space
      You will need to have, at minimum, 10 GB of available storage space on your host. Since we are using virtual machines with large file sizes, this means that we are unable to use a FAT32 partition since large files are not supported in that filesystem, so be sure to choose NTFS, ext3, or some other filesystem format. The recommended amount of space needed is 30 GB.
      If you decide to create clones or snapshots of your virtual machine(s) as you progress through the course, these will also take up valuable space on your system. Be vigilant and do not be afraid to reclaim space as needed.

   Available Memory
      Failing to provide enough memory to your host and guest operating systems will eventually lead to system failure and/or result in being unable to launch your virtual machine(s). You are going to require RAM for your host OS as well as the amount of RAM that you are dedicating for each virtual machine. Use the guide below to help in deciding the amount of RAM required for your situation.

      Linux “HOST” Minimal Memory Requirements: 1 GB of system memory (RAM). Realistically 2 GB or more
      Kali “GUEST” Minimal Memory Requirements: At least 1 GB of RAM. Realistically 2 GB or more with a SWAP file of equal value
      Metasploitable “GUEST” Minimal Memory Requirements: At least 256 MB of RAM (512 MB is recommended)
      Windows “GUEST” Minimal Memory Requirements: 1 GB is recommended. Realistically 1 GB or more

   Processor: To ensure the best experience, we recommend a 64-bit quad-core CPU or better. The bare-minimum requirement for VMware Player is a 400MHz or faster processor (500MHz recommended) but these speeds are inadequate for the purposes of this course. The more horsepower you can throw at your lab, the better.

   Internet Accessibility: Getting your lab set up will require downloading some large virtual machines so you will want to have a good high-speed connection to do so. If you choose to use “Bridged” networking for your virtual machines and there is no DHCP server on your network, you will have to assign static IP addresses to your guest VMs.

Software Requirements for Metasploit Lab
   Before jumping into the Metasploit Framework, we will need to have both an attacking machine (Kali Linux) and a victim machine (Metasploitable 2) as well as a hypervisor to run both in a safe and secluded network environment.
   You can install Metasploit Framework with the command: sudo apt install metasploit-framework

Hypervisor for Metasploit Lab
   Our recommended hypervisor for the best out-of-the-box compatibility with Kali Linux and Metasploitable is VMware Player. While VMware Player is “free”, you will have to register in order to download it, and the virtualization applications and appliances are well worth the registration if you do not already have an account. You may also use VMware Workstation or VMware Fusion but neither of these is free.
   There are also other options available when it comes to which hypervisor you would like to use. In addition to VMware, two other commonly used hypervisors are VirtualBox and KVM but they are not covered here. Instructions for installing Kali Linux can be found on the Kali Training site.

Latest Kali Linux
   Kali Linux is an advanced Penetration Testing and Security Auditing Linux distribution that will be used throughout this course. Kali Linux comes with Metasploit pre-installed along with numerous other security tools that you can try out against your victim machine. You can download the latest version of Kali Linux at Kali Linux Downloads.
   Once you have downloaded Kali Linux, you can update Metasploit to the latest version in the repos by running apt update && apt upgrade in Terminal.

Windows (Of course)
   Microsoft has made a number of virtual machines available that can be downloaded to test Microsoft Edge and different versions of Internet Explorer. We will be able to use these VMs when working with some of the exploits and tools available in Metasploit. You can download the VMs from here.
   Once you have met the above system requirements, you should have no trouble running any tutorials from the Metasploit Unleashed course.

Metasploitable
   One of the problems you encounter when learning how to use an exploitation framework is trying to find and configure targets to scan and attack. Luckily, the Metasploit team is aware of this and released a vulnerable VMware virtual machine called ‘Metasploitable’.
   Metasploitable is an intentionally vulnerable Linux virtual machine that can be used to conduct security training, test security tools, and practice common penetration testing techniques. The VM will run on any recent VMware products and other virtualization technologies such as VirtualBox. You can download the image file of Metasploitable 2 from here.
   Never expose Metasploitable to an untrusted network; use NAT or Host-only mode!

   Once you have downloaded the Metasploitable VM, extract the zip file, open up the .vmx file using your VMware product of choice, and power it on. After a brief time, the system will be booted and ready for action. The default login and password is msfadmin:msfadmin.

   For more information on the VM configuration, there is a Metasploitable 2 Exploitability Guide on the Rapid7 website, but beware… there are spoilers in it.
   To contact the developers of Metasploit, please send email to msfdev@metasploit.com