Metasploit: The fine line between security tool and security weapon

metasploit

The Metasploit Project is ostensibly a group formed to “provide useful information to people doing penetration testing, developing IDS signatures, and exploiting research.”

Its latest version, the Metasploit Framework version 2.0, claims to be “an advanced open source platform for developing, testing, and using exploit code.”

While it is true that the tools and functionality built into the Metasploit Framework may be valuable for a security auditor or penetration tester to use to verify the security of a system or network, it is probably as true or more so than scripts. -kiddies and other would-be hackers or malicious code developers could use this tool as a fast track or fast track to help them create exploits and malware.

I really don’t know enough about the Metasploit Project or the developers who have worked on this utility to say if their motives were pure. It seems that often the line between providing network security and breaking network security is a fine one and it doesn’t take much for some otherwise rational people to accuse security researchers or administrators of having less than honorable intentions. Some assume that anyone in network security is also a hacker on the side and many question the true intent of tools that double as powerful weapons for script-kiddies.

Even if we assume that its goal is indeed to provide useful information and tools to help further the cause of development and security research, this does not change the fact that the tool is available for everyone to download and there is no way to predict or control what the end user will do with it.

The Metasploit Project says its Metasploit Framework can be compared to expensive commercial products like Immunity’s CANVAS or Core Security Technology’s Core Impact. These tools also provide the same or similar functionality. One of the main reasons they haven’t come under the scrutiny that the Metasploit Framework has is price. Since few can afford these packages, they pose little risk, but if you take that same power and freely distribute it, there’s more concern that the wrong people will use it for the wrong reasons.

The Metasploit Framework appears to be a powerful tool. I downloaded a copy myself to play on my own network against my lab computers. I think it can be valuable for security administrators in the battle to ensure the security of their computer and network and to make sure that it is protected. But I think we may also start to see new exploits and malware on the streets once the children of the script start playing with this tool and learn how powerful a weapon it can be.

What is Metasploit framework

Metasploit framework is a tool developed in Perl and Ruby for the most part, which is focused on security auditors and Red Team and Blue Team teams.

Red Team is the offensive team or team in charge of ethical hacking, which does intrusion tests, while the Red Team is the team that carries out the securitization and all the defensive part.

Main features

It is a very complete tool that has many exploits, which are known vulnerabilities, in which they also have some modules, called payloads, which are the codes that exploit these vulnerabilities.

It also has other types of modules, for example, encoders, which are a kind of encryption code to evade antivirus or perimeter security systems.

Another advantage of this framework is that it allows us to also interact with external tools, such as Nmap or Nessus, as we will see during the Metasploit course.

It also offers the possibility of exporting our malware to any format, whether on Unix or Windows systems.

Also note that it is multiplatform and free, although it has a paid version, in which we are offered already developed exploits, but whose cost is quite high. The free version is very interesting because it contains all the public vulnerabilities.

.

By Olivia Bradley

Leave a Reply

Your email address will not be published. Required fields are marked *

You May Also Like