Do you have a computer engineering background? Are you interested in cyber security projects? Do you have good knowledge of security software? Then look to the Wisdom Jobs online portal for your future prospects. The Metasploit Project is a computer security project that provides information about security vulnerabilities and aids penetration testing and IDS signature development. Metasploit is the world's most used penetration testing software. The role of a security consultant requires awareness of a number of security tools and the ability to learn, share and expand his technical competency. So, job seekers, track your path as a senior security consultant, penetration tester, cyber security consultant, security solutions engineer, etc. by going through the Metasploit job interview questions and answers below.
Question 1. What Is Kali Linux?
Answer :
Kali Linux is a Linux distribution for penetration testers that comes preloaded with a lot of open source penetration testing tools. It is brought to you by the same people who made BackTrack, currently the world’s most popular Linux distribution for penetration testing.
In other words, Kali Linux is an operating system that is optimized for penetration testing. You can think of it in the same way that Chromium OS is a Linux operating system that is optimized for web browsing.
The open source Kali Linux project is managed by Offensive Security with the help of community contributors, such as Rapid7.
Question 2. What Is The Difference Between Kali Linux And Backtrack?
Answer :
Kali Linux is the next-generation version of BackTrack and therefore replaces BackTrack. While BackTrack is based on Ubuntu, Kali Linux is based on Debian.
Question 3. What’s New In Kali Linux Compared To Backtrack?
Answer :
BackTrack users will notice that Kali Linux is built in a much more structured way, which ensures a more professional and robust user experience.
Here is a list of the new benefits:
Question 4. Why Is Kali Linux No Longer Called Backtrack?
Answer :
Kali Linux is a huge step forward from BackTrack 5. Kali Linux has been built from scratch, changing the entire architecture. The new name reflects this overhaul.
Question 5. What Does “kali” Stand For?
Answer :
Is Kali the Hindu Goddess of time and change? A Philippine martial art? A cool word in Swahili? None of the above. “Kali” is simply the name we came up with for the new distribution.
Question 6. What Is New About Metasploit Support In Kali Linux?
Answer :
Recognizing the importance of the BackTrack project to the community, Rapid7 joined the Kali Linux project to contribute to the packaging and long-term support of Metasploit on the Kali Linux platform.
Metasploit is a large and ever evolving project which is difficult to package and support for any third-party. Although it was made available in BackTrack, Metasploit on BackTrack suffered from issues that impacted the user experience. Symptoms Metasploit users reported include issues with updates, databases, and general stability.
As a result of Rapid7’s involvement in the Kali project, Metasploit users should have a much more robust user experience on Kali Linux.
Question 7. What Is The Relationship Between Kali Linux And Rapid7?
Answer :
Rapid7 is now an official contributor to the Kali Linux project, with the goal of improving the support for Metasploit on this important platform. Starting with the investment in the Metasploit Project in 2009, Rapid7 has continued to support the security community. Here are some of the ways that Rapid7 gets involved, supports and gives back.
Question 8. As A Metasploit Pro Customer, Can I Get Full Technical Support On Kali Linux?
Answer :
Yes, Rapid7 fully supports Metasploit Pro on Kali Linux, Windows, Ubuntu and Red Hat.
Question 9. Should I Boot Kali Linux From A Cd Or Use A Persistent Installation?
Answer :
Kali Linux offers a much improved installation experience compared to BackTrack. For most users, a persistent installation is best because it will remember your settings, files, and product licenses. If you need to revert to a clean image for each new engagement, consider reverting to the snapshot of a clean, pre-installed virtual machine after each engagement.
Question 10. Should I Use Kali Linux As My New Secure Desktop System?
Answer :
No. Kali Linux is meant to be used as a platform for penetration testing, not as a secure operating system for desktops. We recommend that you use Kali Linux on a dedicated physical or virtual machine or boot it from a persistent external USB flash drive or hard disk for the duration of your penetration test. As a best practice, you should keep your personal files, such as email and office documents, on a separate system.
Question 11. What Version Of Debian Is Kali Based On?
Answer :
Kali is based on Debian Wheezy, with selective packages imported from upstream.
Question 12. Are Wireless Injection Patches Available In Kali?
Answer :
Yes.
Question 13. Is My $wireless_card Supported By Kali?
Answer :
This depends on the card's chipset and drivers. If kernel 3.7 supports your drivers, your card is supported.
Question 14. Armitage Does Not Display Hosts From The Database?
Answer :
Type hosts in the Metasploit Framework console. If you see hosts there, but not in Armitage, you have this issue. There are three possible causes:
The first (possible) cause is you are using the Metasploit Framework's workspaces (the workspace command). Armitage is not compatible with the Metasploit Framework's concept of workspaces. You must leave this at default and not change it.
The second potential cause is that Armitage is not using the same database configuration as the Metasploit Framework. This is driven by the database.yml file in your Metasploit Framework environment. Type db_status in a Metasploit Framework console and verify that this is the same database Armitage uses (go to Armitage -> Preferences and find the connect.db_connect.string value).
The third potential cause is that Metasploit made two default workspaces for you. Why? I don't know. This messes up things with Armitage though. Type workspace. If you see two workspaces with the name default, then this bit you. To fix it, type: workspace -D and restart Armitage.
Question 15. Armitage Is Slow Or Has Graphical Glitches
Answer :
Switch from OpenJDK to Oracle's Java environment. The OpenJDK implementation of Java has occasional bugs that affect the Armitage experience negatively. Random artifacts when updating UI components are not uncommon in the OpenJDK. As of this FAQ update, there is a bug in the OpenJDK packaged for Debian distributions (Kali Rolling!) that slowly consumes CPU/memory until the application crashes.
If you experience graphical or performance issues, change over to Oracle's Java and see if that resolves your issue.
Question 16. How Do I Run Armitage On Kali Linux?
Answer :
Armitage is not distributed with Kali Linux. It is in the Kali Linux repository though. To install it, type:
apt-get install armitage
Question 17. I Get A Database Error On Kali Linux. How Do I Fix It?
Answer :
Make sure the database is running. Use:
service postgresql start
Next, you may need to ask Kali to recreate the Metasploit framework database:
service metasploit start
service metasploit stop
Sometimes you need to do the above after an msfupdate as well.
Question 18. Sometimes Armitage's Menus Stick (Or I See Graphic Glitches). How Do I Fix This?
Answer :
Kali Linux comes with Java 1.6 and 1.7 pre-installed. Unfortunately, it defaults to Java 1.6 which has a few issues. You'll need to tell Kali Linux to use Java 1.7 by default. Here's how:
32-bit Kali Linux:
update-java-alternatives --jre -s java-1.7.0-openjdk-i386
64-bit Kali Linux:
update-java-alternatives --jre -s java-1.7.0-openjdk-amd64
Question 19. Do Not See A Start Msf Button, What Is Wrong With My Armitage?
Answer :
Nothing. You're using the latest version of Armitage. The Start MSF button has been taken away. The Connect button now intelligently detects whether Metasploit is running locally or not. If Metasploit is not running, Armitage will ask you if you want it to start Metasploit. I suggest pressing Yes.
Question 20. Can Armitage Exploit Windows 7 And Vista Or Is It Windows Xp Only?
Answer :
I get this question, worded in this way, a lot. First, Armitage is a front-end that provides a workflow and collaboration tools on top of Metasploit. The correct question is: does Metasploit have attacks that work against Windows 7 and Windows Vista?
The answer is yes. Remote exploits against modern Windows versions are very rare. If you're hoping for this, please put these days behind you. Microsoft has a lot of smart people and they've put a lot of work into reducing mistakes that lead to exploitable conditions. They have also added mitigations to their software to make it harder to turn a programmer's mistake into an attack.
Attackers do what works and they have moved on. Now, to break into a modern system, you need to attack the applications the user is running and not the operating system. Client-side attacks against Internet Explorer, Firefox, Adobe Reader, Adobe Flash, Apple QuickTime, and Java are very common. Metasploit is the cutting edge of what's publicly available in this space.
Once you get a foothold, it's up to you to think like an attacker and use your position to gain access to other systems. There are resources available for your learning. I suggest that you go study them. If you're really serious about learning these ideas then invest in yourself and take a class.
Question 21. Why Can't I Type In Any Of The Tabs?
Answer :
On Windows and MacOS X you have to click in the editbox to focus the input area and type. This is a known issue. The editbox is at the bottom of the tab. Just click in it until you see a blinking cursor.
Question 22. Armitage Picked The Wrong Lhost, How Do I Fix It?
Answer :
Type:
setg LHOST [your IP address]
That's it. Armitage uses this value to tell reverse connect attacks where to connect to. You do not need to reset Armitage's listener when you change this value.
Question 23. I Can't Get Any Exploits To Work. What Am I Doing Wrong?
Answer :
Start with something that you know is exploitable. I recommend downloading the Metasploitable virtual machine. Hacking this will give you confidence that yes, exploits work and yes, you're probably using Metasploit correctly.
Not all exploits work in all situations. Remember that you're sending code to a system that is meant to trigger a flaw. If a firewall is on, then maybe the data isn't getting to the service. Maybe you're running a version of the software that no longer has the flaw.
Metasploit is not a magic key into other systems. Knowing what to use in different situations is a skill and it comes with experience.
Question 24. Why Do The Hosts In The Targets Area Move Back After I Move Them?
Answer :
Armitage automatically arranges the hosts in the targets area by default. You can turn this behavior off. Make sure no host is selected and right-click inside the targets area. Go to Auto Arrange -> None.
Question 25. What Are The Warning Messages In The Console I Launched Armitage From?
Answer :
These are harmless. They're debug output for me to read. I was too lazy to remove them. They always have the form Warning: some message here at file.sl:##. The scary "Warning" text is from the warn function in the language I used to write Armitage. Ignore it.
Question 26. How Do I Use Armitage Against An Internet Address?
Answer :
There are no restrictions in the software. I recommend experimenting with virtual machines on a private test network. If you choose to use this tool against an internet host, make sure you have a letter of permission from the system's owner.
Question 27. What's The Best Way To Learn How To Use Armitage For Metasploit?
Answer :
There are a lot of resources on both Armitage and Metasploit available to you. Here's a recommended order for you:
As a penetration tester, I find tools give me about 15% of what I need. The rest of my work is problem solving, system administration, and luck. If you want to learn how to hack, don't neglect these skills either. Here are a few other recommended items:
If you get through all of the above and you want to take things to the next level:
Question 28. Will You Teach Me To Hack?
Answer :
If you want my views on the hacking process and how to do it, then ask your organization to invite me to teach a course at your location. I have materials, labs, and an exercise for a threat emulation course. I've given this course several times now and my students have taken a lot from it.
Question 29. Why Does Armitage Exist?
Answer :
I've met too many security professionals who don't know how to use Metasploit. Sadly, I was one of them. I've always felt Metasploit could use a non-commercial GUI organized around the hacking process. So, I made Armitage.
Armitage exists to help security professionals better understand the hacking process and appreciate what's possible with the powerful Metasploit framework. Security professionals who understand hacking will make better decisions to protect you and your information.
Question 30. What’s Significantly New In The 3.0 Series Of The Msf?
Answer :
Version 3.0 is almost a radical departure from version 2.0 in terms of the underlying technology and feature set. While the ability to develop and execute exploits has been enhanced, the new modules and plugins offer greater flexibility in managing multiple exploit sessions, automating the penetration testing cycle, storing results in a database, and even developing new tools built around the APIs exposed by the framework.
Significant IDS/IPS evasion capabilities have also been added, and the Web interface has been overhauled. Besides this, the framework has been coded in Ruby rather than in Perl.
Question 31. What About All The Cool Meterpreter And Vnc Dll Stuff?
Answer :
All of the powerful payloads (Meterpreter, VNC DLL, PassiveX) are present with the new release, and have been enhanced even further. The framework also allows specifying a class of payloads instead of a specific payload. However, little-used features such as Impurity ELF injection and InlineEgg have been removed. Eventually, all non-Windows exploitation methods will be moved to Meterpreter.
Question 32. What Is The Auxiliary Module System?
Answer :
The Auxiliary module system is essentially a collection of exploits and modules that add to the core capability of the framework. Exploits that don't have payloads, such as Microsoft SRV.SYS Mailslot Write Corruption and Microsoft RRAS InterfaceAdjustVLSPointers NULL Dereference, are part of this system. More importantly, recon modules that allow scanning of remote systems and fingerprinting them are also present as auxiliary modules. For instance, one of the auxiliary modules scans a range of systems for the presence of UDP ports, and decodes six protocols and displays them at the console. Another module performs fingerprinting of Windows systems using the SMB protocol.
Question 33. What’s The Best Way To Remain On The Cutting Edge Of The Msf?
Answer :
The framework source code is now available through the Subversion CVS. Once you've downloaded the 3.0 release from the Metasploit Web site, you need to also download the Subversion client. Then navigate to the framework installation folder and run the svn checkout command. Once the code and other files have been downloaded, you can run the svn update command to keep yourself right on the bleeding edge of the framework.
Question 34. What Is Metasploit Intended For And What Does It Compete With?
Answer :
The MSF is an open-source tool, which provides a framework for security researchers to develop exploits, payloads, payload encoders, and tools for reconnaissance and other security testing purposes. Although it initially started off as a collection of exploits and provided the ability for large chunks of code to be re-used across different exploits, in its current form it provides extensive capabilities for the design and development of reconnaissance, exploitation, and post-exploitation security tools.
The MSF was originally written in the Perl scripting language and included various components written in C, assembler, and Python. The project core was dual-licensed under the GPLv2 and Perl Artistic Licenses, allowing it to be used in both open-source and commercial projects. However, the 3.0 version of the product is now completely re-written in Ruby and comes with a wide variety of APIs. It is also now licensed under the MSF License, which is closer to a commercial software End User License Agreement (EULA) than a standard open-source license. The basic intent is to:
The MSF competes directly with commercial products such as Immunity's CANVAS and Core Security Technology's IMPACT. However, there is a major difference between the MSF and these commercial products in terms of its objectives. The commercial products come with user-friendly graphical user interfaces (GUIs) and extensive reporting capabilities in addition to the exploit modules, whereas the MSF is first and foremost a platform to develop new exploits, payloads, encoders, No Operator (NOP) generators, and reconnaissance tools. Moreover, it is also a platform to design tools and utilities that enable security research and the development of new security testing techniques.
Answer :
The following reasons illustrate the rationale behind this decision:
Question 36. Which Is The Better Platform For Metasploit, Linux Or Windows?
Answer :
The choice of platform is more or less personal, since the framework works almost the same on both operating systems. However, the majority of Metasploit downloads for its earlier versions were for the Windows platform. For version 3, Windows is only partially supported. My personal choice is Linux, since some of the bleeding-edge features such as database support and wireless exploits first came out for Linux, and then for Windows.
Question 37. What Is The Difference In Environment Variables Between Versions 3.0 And 2.0?
Answer :
In version 3.0, some of the variable names have been changed, and the way in which values with spaces are treated has changed.
Question 38. Of The Various Payload Options Available, Which One Should I Use?
Answer :
Chances are that you will usually get only one shot at launching and successfully executing your exploit, so the selection of a payload is very important. Your objective should be to get maximum mileage, while at the same time avoiding detection as much as possible.
In this regard, the Meterpreter might be your best bet. It executes within the context of the vulnerable process, and encrypts communication between client and server.
Moreover, if you have a programming background, you could code your chosen task and compile it as a DLL. You could then upload and execute this DLL or any binary through Meterpreter. The VNC DLL will open up a GUI, which increases the speed at which you can pivot onto other systems. It also increases the chances of being detected, since any mouse or keyboard action you execute on the remote system will also show up on the console of the remote system.
If you are very sure that no one would be monitoring the system console, or would be connected to VNC at the same time, you could go ahead and use this payload. If your objective is only proof of concept, you may be best suited by using a payload that will simply run a command (windows/exec, /bsd/x86/exec, cmd/unix/generic or /linux/x86/exec). To leave your mark on the system, you could create a local file in a specific location.
Question 39. How Easily Can I Customize The Meterpreter And Passivex Payloads?
Answer :
The Meterpreter supports any language that can compile code into a DLL. Once you understand the simple Type-Length-Value protocol specification required by the Meterpreter, you can easily create extensions. These can then be uploaded and executed on the fly on the remote system.
For PassiveX payloads, you could write your own ActiveX control and have that loaded by the Internet Explorer of the remote system.
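To make the Type-Length-Value framing from the Meterpreter answer concrete, here is an added encoder/decoder for that framing in Ruby (the framework's language). It is example code written for this page, not the framework's own implementation; the layout (a 4-byte big-endian length that includes the 8-byte header, a 4-byte type whose high 16 bits carry the meta type, nested TLVs inside a group, NUL-terminated strings) and the constant values are assumptions based on my reading of the framework and not taken from this page, and the newer XOR-key and session-GUID prefix on the packet header is omitted.

```ruby
# Added illustration of Meterpreter-style TLV framing (not framework code).
# TLV = [length: 4 bytes BE, includes this 8-byte header][type: 4 bytes BE][value];
# the high 16 bits of `type` select how `value` is read. Constants are assumptions.
META_MASK   = 0xFFFF_0000
META_STRING = 1 << 16   # NUL-terminated string
META_UINT   = 1 << 17   # 4-byte unsigned int
META_GROUP  = 1 << 30   # value is a sequence of nested TLVs

TLV_TYPE_METHOD     = META_STRING | 1
TLV_TYPE_REQUEST_ID = META_STRING | 2
TLV_TYPE_RESULT     = META_UINT   | 4
PACKET_TYPE_REQUEST = 0

Tlv = Struct.new(:type, :value)

# Serialise one TLV; an Array value under a group type becomes nested TLVs.
def encode_tlv(tlv)
  body =
    case tlv.type & META_MASK
    when META_STRING then tlv.value.b + "\x00".b
    when META_UINT   then [tlv.value].pack("N")
    when META_GROUP  then tlv.value.map { |c| encode_tlv(c) }.join.b
    else tlv.value.b   # raw bytes
    end
  [body.bytesize + 8, tlv.type].pack("NN") + body
end

# Parse consecutive TLVs from a byte string; raises rather than read past the end.
def decode_tlvs(bytes)
  out, pos = [], 0
  while pos < bytes.bytesize
    raise "truncated TLV header at offset #{pos}" if bytes.bytesize - pos < 8
    length, type = bytes.byteslice(pos, 8).unpack("NN")
    raise "bad TLV length #{length} at offset #{pos}" if length < 8 || pos + length > bytes.bytesize
    raw = bytes.byteslice(pos + 8, length - 8)
    value =
      case type & META_MASK
      when META_STRING then raw.chomp("\x00".b).force_encoding("UTF-8")
      when META_UINT   then raw.unpack1("N")
      when META_GROUP  then decode_tlvs(raw)
      else raw
      end
    out << Tlv.new(type, value)
    pos += length
  end
  out
end

# A packet is an outer header [length][packet type] followed by its TLVs.
def encode_packet(packet_type, tlvs)
  body = tlvs.map { |t| encode_tlv(t) }.join.b
  [body.bytesize + 8, packet_type].pack("NN") + body
end

def decode_packet(bytes)
  raise "short packet" if bytes.bytesize < 8
  length, packet_type = bytes.byteslice(0, 8).unpack("NN")
  raise "length field #{length} != #{bytes.bytesize} bytes" unless length == bytes.bytesize
  [packet_type, decode_tlvs(bytes.byteslice(8, length - 8))]
end

# Constructed sample request carrying a method name and request id.
SAMPLE_PACKET = encode_packet(PACKET_TYPE_REQUEST,
  [Tlv.new(TLV_TYPE_METHOD, "core_channel_open"), Tlv.new(TLV_TYPE_REQUEST_ID, "req-0001")])
```

The length checks in decode_tlvs are the part worth copying: a TLV parser that trusts the length field is the classic way an extension ends up reading past its buffer.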
Question 40. What Is Pivoting?
Answer :
Pivoting is a technique that Metasploit uses to route the traffic from a hacked computer toward other networks that are not accessible by a hacker machine.
Let’s take a scenario to understand how Pivoting works. Assume we have two networks:
The hacker uses the compromised machine, which has access to both networks, to reach the second network and exploit other internal machines there.
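The routing decision behind pivoting, as an added toy model in Ruby (example code written for this page, not the framework's Rex::Socket::SwitchBoard): each route says which session reaches a subnet, a target matched by no route is contacted directly, and the most specific route wins. The subnets, sessions and the SwitchBoard/Route names are constructed for the example.

```ruby
# Added toy model of the routing decision behind Metasploit pivoting; the
# framework's own version is Rex::Socket::SwitchBoard, and this is not that code.
# A route says "reach this subnet through this session". A target matched by
# no route goes out the attacker's own interface; among several matching
# routes the most specific (longest netmask) wins.
Route = Struct.new(:subnet, :netmask, :session_id)

# Dotted-quad IPv4 to a 32-bit integer; rejects malformed input loudly.
def ip_to_i(addr)
  parts = addr.to_s.split(".", -1)
  raise ArgumentError, "bad IPv4 address #{addr.inspect}" unless parts.size == 4
  parts.reduce(0) do |acc, p|
    raise ArgumentError, "bad octet in #{addr}" unless p =~ /\A\d{1,3}\z/ && p.to_i <= 255
    (acc << 8) | p.to_i
  end
end

# Number of 1 bits in a netmask, used to rank route specificity.
def prefix_length(netmask)
  ip_to_i(netmask).to_s(2).count("1")
end

class SwitchBoard
  def initialize
    @routes = []
  end

  # Same effect as "route add <subnet> <netmask> <session id>" in the console.
  def add_route(subnet, netmask, session_id)
    ip_to_i(subnet); ip_to_i(netmask)   # validate before storing
    @routes << Route.new(subnet, netmask, Integer(session_id))
    self
  end

  def remove_route(subnet, netmask, session_id)
    @routes.reject! { |r| [r.subnet, r.netmask, r.session_id] == [subnet, netmask, session_id] }
  end

  # Session to pivot through for this target, or nil for a direct connection.
  def session_for(target)
    t = ip_to_i(target)
    matching = @routes.select do |r|
      mask = ip_to_i(r.netmask)
      (t & mask) == (ip_to_i(r.subnet) & mask)
    end
    best = matching.max_by { |r| prefix_length(r.netmask) }
    best && best.session_id
  end
end

# Constructed scenario: the attacker sits on 192.168.1.0/24. Session 1 runs on
# a host that also has an interface in 10.0.0.0/8; from there session 2 was
# opened on a host that reaches 10.10.20.0/24 directly.
def example_board
  SwitchBoard.new
    .add_route("10.0.0.0", "255.0.0.0", 1)
    .add_route("10.10.20.0", "255.255.255.0", 2)
end
```

For defenders, the useful observation is that every connection to the inner subnets originates from the pivot host's own address, which is where egress logging and host-based monitoring will see it.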
All rights reserved © 2020 Wisdom IT Services India Pvt. Ltd