Metasploit Filesystem and Libraries

Metasploit Architecture

Understanding the Metasploit Architecture

One can more easily understand the Metasploit Architecture by taking a look under its hood. In learning how to use Metasploit, take some time to make yourself familiar with its filesystem and libraries.

A brief overview of the Metasploit file system | Metasploit Unleashed

A brief overview of the Metasploit file system | Metasploit Unleashed

Metasploit Filesystem

The MSF filesystem is laid out in an intuitive manner and is organized by directory.

  • data: editable files used by Metasploit
  • documentation: provides documentation for the framework
  • external: source code and third-party libraries
  • lib: the ‘meat’ of the framework code base
  • modules: the actual MSF modules
  • plugins: plugins that can be loaded at run-time
  • scripts: Meterpreter and other scripts
  • tools: various useful command-line utilities

Metasploit Libraries

The MSF libraries help us to run our exploits without having to write additional code for rudimentary tasks, such as HTTP requests or encoding of payloads.

Rex

  • The basic library for most tasks
  • Handles sockets, protocols, text transformations, and others
  • SSL, SMB, HTTP, XOR, Base64, Unicode

Msf::Core

Msf::Base

  • Provides the ‘friendly’ API
  • Provides simplified APIs for use in the Framework

Throughout this course we will touch upon how to use other tools directly within Metasploit. Understanding how things are stored and relate to the Metasploit file system will help you in using the msfconsole and its other command line interfaces.