If you don’t even know what Metasploit is: Metasploit is a framework that includes a large archive of exploits, so we can use it right away to penetrate a vulnerable target, or we can even use Metasploit to develop a new exploit! (kewl, isn’t it?) Besides being available on its own, Metasploit is also already included on the BackTrack Live CD, especially BackTrack 2 final, which includes Metasploit 3 (the newest version). Metasploit is already easy to use, since it can be run in a web-based environment. But in this tutorial, I am not going to teach you how to use the Metasploit web environment; I am going to teach you how to use the console-based Metasploit 3. :)
Well, in this tutorial, I’ll be running my Metasploit over SSH in a Debian 4 environment (don’t worry, you’ll be able to follow this tutorial in a Windows environment too).
First of all, let’s load the ‘msfconsole’ program, which is located under /home/arie/l4m3/framework-3.0 (in my case). It will bring you to the starting user interface of Metasploit 3:
Then list all the exploits available in Metasploit 3 with the ‘show exploits’ command:
Choose your desired exploit (in this case I’ll be using the MSRPC DCOM exploit) and select it with the ‘use’ command:
After choosing the desired exploit, you can list all the payloads available for it with the ‘show payloads’ command:
To select the payload, use the ‘set PAYLOAD’ command:
Each payload has its own required options that you have to fill in. These should be RHOST (the target’s IP) and LHOST (your local IP address), for example: set RHOST 10.126.134.23, set LHOST 10.126.134.22.
After you’ve specified the required options, just type ‘exploit’, and Metasploit will do the work for you!
(Below is the screenshot of the failed attack; the target host is patched, I think.)
That’s all.
BackTrack 2 Final : Metasploit 3 how to (short introduction) is posted on July 20th, 2007 by arie. This post is filed under: Review, Security, Side Story, backtrack, trick .
Hi… is your name Arie?
If so, then it’s the same as mine… may I know where you are coming from?
I have a question about Metasploit: can Metasploit penetrate a vulnerable target using any port, or just certain ports? I have no idea about this.
thank you
regards,
Arie
How do I interact with the opened shell then?
@all,
Please wait for my next tutorial