1
00:00:00,240 --> 00:00:02,460
Instructor: Before we get into Metasploit framework

2
00:00:02,460 --> 00:00:05,370
and its structure inside of Kali Linux

3
00:00:05,370 --> 00:00:09,843
let us first talk about reverse shells and bind shells.

4
00:00:10,740 --> 00:00:12,120
As we already mentioned

5
00:00:12,120 --> 00:00:15,660
shell is our access to the target machine.

6
00:00:15,660 --> 00:00:16,890
With the help of shell

7
00:00:16,890 --> 00:00:20,520
we execute commands and control the target system.

8
00:00:20,520 --> 00:00:23,970
So shell is essentially our payload

9
00:00:23,970 --> 00:00:27,180
that we drop on machine after exploiting it.

10
00:00:27,180 --> 00:00:30,090
However, there are two different types of shells.

11
00:00:30,090 --> 00:00:34,020
We got reverse shells and bind shells.

12
00:00:34,020 --> 00:00:37,500
Now, reverse shells are something that you will use a lot.

13
00:00:37,500 --> 00:00:41,130
It works on principle of target machine trying to connect

14
00:00:41,130 --> 00:00:43,320
back to our Kali Linux machine.

15
00:00:43,320 --> 00:00:45,930
For this to work on our Kali Linux machine

16
00:00:45,930 --> 00:00:47,400
we must first listen

17
00:00:47,400 --> 00:00:50,460
for the incoming connection over some port.

18
00:00:50,460 --> 00:00:53,280
Then we exploit the target and drop a shell

19
00:00:53,280 --> 00:00:55,920
which will tell that target machine to connect

20
00:00:55,920 --> 00:00:58,740
to our port on Kali Linux that we're listening on.

21
00:00:58,740 --> 00:01:00,630
After it completes the connection

22
00:01:00,630 --> 00:01:02,730
we can then control that machine.

23
00:01:02,730 --> 00:01:06,420
On the other hand, bind shell is when the target machine

24
00:01:06,420 --> 00:01:09,570
opens their port for us to connect to.

25
00:01:09,570 --> 00:01:12,810
In this case, it is the target machine that is listening

26
00:01:12,810 --> 00:01:15,870
for the incoming connection on that port

27
00:01:15,870 --> 00:01:20,010
and we are the ones that must connect to that port.

28
00:01:20,010 --> 00:01:23,520
After we do it, we can control that target machine.

29
00:01:23,520 --> 00:01:27,570
However, there is one problem with bind shell

30
00:01:27,570 --> 00:01:29,760
and it is also one of the main reasons

31
00:01:29,760 --> 00:01:32,160
why we want to use it that much

32
00:01:32,160 --> 00:01:35,910
and that is because firewall can forbid target machines

33
00:01:35,910 --> 00:01:37,473
to open a port.

34
00:01:38,370 --> 00:01:40,920
Many firewalls could have a rule that says

35
00:01:40,920 --> 00:01:44,880
don't open any random port for security reasons.

36
00:01:44,880 --> 00:01:47,790
Therefore, our bind shell would not work even

37
00:01:47,790 --> 00:01:50,190
after exploiting the target.

38
00:01:50,190 --> 00:01:54,060
However, reverse shells will always work.

39
00:01:54,060 --> 00:01:55,080
Why?

40
00:01:55,080 --> 00:01:56,640
Well, because the target

41
00:01:56,640 --> 00:01:59,610
in that case is just connecting to us.

42
00:01:59,610 --> 00:02:03,330
It is the same process as when the target visits a website.

43
00:02:03,330 --> 00:02:05,760
It connects to a port on that web server

44
00:02:05,760 --> 00:02:09,360
and it gets the webpage of that website back.

45
00:02:09,360 --> 00:02:11,039
Just in this case, it'll connect

46
00:02:11,039 --> 00:02:13,110
to a port on our Kali Linux machine

47
00:02:13,110 --> 00:02:15,450
and we will establish a shell like that.

48
00:02:15,450 --> 00:02:18,330
That's why reverse shell is always a better option

49
00:02:18,330 --> 00:02:19,770
if possible.

50
00:02:19,770 --> 00:02:21,210
Alright, cool.

51
00:02:21,210 --> 00:02:23,610
Now we are ready to start introducing ourselves

52
00:02:23,610 --> 00:02:25,200
to the Metasploit framework,

53
00:02:25,200 --> 00:02:28,320
the number one tool that we will use for exploitation.

54
00:02:28,320 --> 00:02:32,130
It is as important as Nmap and we will use it a lot

55
00:02:32,130 --> 00:02:35,610
so it is important we get its basics down first.

56
00:02:35,610 --> 00:02:36,630
It is not hard.

57
00:02:36,630 --> 00:02:40,200
However, it will take some practice to get used to it.

58
00:02:40,200 --> 00:02:41,643
Let's get straight into it.