Understanding the Metasploit Architecture
One can more easily understand the Metasploit Architecture by taking a look under its hood. In learning how to use Metasploit, take some time to make yourself familiar with its filesystem and libraries.
The MSF filesystem is laid out in an intuitive manner and is organized by directory.
- data: editable files used by Metasploit
- documentation: provides documentation for the framework
- external: source code and third-party libraries
- lib: the ‘meat’ of the framework code base
- modules: the actual MSF modules
- plugins: plugins that can be loaded at run-time
- scripts: Meterpreter and other scripts
- tools: various useful command-line utilities
The MSF libraries help us to run our exploits without having to write additional code for rudimentary tasks, such as HTTP requests or encoding of payloads.
- The basic library for most tasks
- Handles sockets, protocols, text transformations, and others
- SSL, SMB, HTTP, XOR, Base64, Unicode
- Provides the ‘basic’ API
- Defines the Metasploit Framework
- Provides the ‘friendly’ API
- Provides simplified APIs for use in the Framework
Throughout this course we will touch upon how to use other tools directly within Metasploit. Understanding how things are stored and relate to the Metasploit file system will help you in using the msfconsole and its other command line interfaces.