What are exploits?
An exploit executes a sequence of commands that target a specific vulnerability found in a system or application to provide the attacker with access to the system. Exploits include buffer overflow, code injection, and web application exploits. The exploits classified into two types
- Automated Exploits
- Manual Exploits
When you run an automated exploit, Metasploit builds an attack plan based on the service, operating system, and vulnerability information that it has for the target system. Automated exploits cross-reference open ports, imported vulnerabilities, and fingerprint information with exploit modules. The attack plan defines the exploit modules that Metasploit will use to attack the target systems.
An automated exploit uses reverse connect or bind listener payloads and does not abuse normal authenticated control mechanisms
A manual exploit is a module that you can select and run individually. You perform a manual exploit when you want to exploit a known vulnerability.
Manual exploitation provides granular control over the module and evasion options that an exploit uses. Whereas automated exploits enable you to run simultaneously multiple exploits, manual exploits enable you to run one exploit at a time
How to use Exploit Modules?
First, we need to run Metasploit on our terminal so type the below command.
q – is quick mode
Now find all exploit modules so type the below command on your terminal.
After that, we select the exploit so type the command in the below format. I choose exploit/windows/ftp/filecopa_list_overflow Exploit
use ( exploit module )
Once you choose exploits type the below command on your Metasploit terminal this command will help you to guide how to use this?
Now you follow the show options guide to executing this exploit
Once you complete all the above steps type the below command to execute the exploit.