Metasploit
Q.1
What are the main components of Metasploit?
Exploits: Code that takes advantage of vulnerabilities
Payloads: Code that runs after successful exploitation
Encoders: Obfuscate payloads to evade detection
Auxiliary Modules: Perform scanning, fuzzing, sniffing, etc.
Post Modules: Used for actions after gaining access
Q.2
What is msfconsole?
msfconsole is the main command-line interface for Metasploit. It allows users to interact with the framework, load modules, set parameters, and run exploits.
Q.3
What is a payload in Metasploit?
A payload is the part of the exploit that performs the intended action on the target system, such as opening a reverse shell or creating a Meterpreter session.
Q.4
What is the difference between bind shell and reverse shell?
Bind Shell: Target system listens for a connection.
Reverse Shell: Target system connects back to the attacker. Useful when the target is behind NAT/firewall.
Q.5
What is Meterpreter?
Meterpreter is an advanced payload in Metasploit that runs in memory, provides an interactive shell, and supports features like file browsing, keylogging, webcam control, and privilege escalation.
Q.6
What is the purpose of the exploit/multi/handler module?
This module listens for connections from payloads (like reverse shells) and handles them, typically used with custom-generated payloads.
Q.7
What is the Veil Framework and how does it relate to Metasploit?
Veil is a tool to generate Metasploit-compatible payloads that can bypass antivirus detection using encryption and obfuscation.
Q.8
What is post-exploitation in Metasploit?
Post-exploitation refers to activities performed after gaining access, like extracting credentials, privilege escalation, gathering sensitive data, or pivoting to other systems.
Q.9
How can you use Metasploit for client-side attacks?
By crafting payloads (e.g., in PDFs, Office files, images) and delivering them through social engineering. BeEF can also be used for browser exploitation.
Q.10
What is Armitage in relation to Metasploit?
Armitage is a GUI front-end for Metasploit that simplifies exploitation, collaboration, and visualization of network attacks.
Q.11
Can Metasploit be used for phishing?
Yes, Metasploit has auxiliary modules and can integrate with BeEF to perform phishing and browser-based attacks.
Q.12
How do you integrate Metasploit with BeEF?
You enable the Metasploit extension in BeEF’s configuration, allowing you to use Metasploit’s exploits against browsers hooked by BeEF.
Q.13
What is the significance of set RHOST and set LHOST in Metasploit?
RHOST: The remote host (target machine).
LHOST: The local host (attacker machine) that listens for a reverse connection from the target.
Q.14
Explain the difference between staged and non-staged payloads.
Staged payloads send the initial payload (the stager) which then downloads and executes a larger payload (like Meterpreter).
Non-staged (single) payloads contain all code in one file; no further connection is needed after delivery.
Q.15
How do you ensure stealth when performing attacks over a WAN using Metasploit?
Use reverse_https for encrypted C2 traffic
Use tunneling tools like Ngrok
Employ time-based evasion (delays, jitter)
Limit payload execution to specific IP checks or triggers
Q.16
What is the role of encoders in Metasploit, and are they effective today?
Encoders like shikata_ga_nai obfuscate payloads to evade static AV signatures. However, most modern AVs use behavioral analysis, so encoders are often insufficient alone.
Q.17
How can you evade IDS/IPS detection when using Metasploit?
Use HTTPS payloads to encrypt traffic
Apply payload encoding and custom shellcode obfuscation
Throttle traffic using delays
Use non-standard ports and mimic legitimate traffic
Avoid signature-based payloads; build custom ones with Veil or Shellter
Q.18
What are the benefits of using reverse_https over reverse_tcp?
Encrypted communication over TLS
Better firewall evasion (port 443 is usually open)
Less detectable by security monitoring tools due to web-like traffic
Q.19
How can Metasploit be used for lateral movement in a compromised network?
After post-exploitation:
Use pivoting via port forwarding (autoroute in Meterpreter)
Scan internal networks from the compromised host
Use PsExec or WMI modules to move to other machines
Q.20
What is the difference between staged and stageless payloads in Metasploit?
Staged: Smaller initial payload, downloads second-stage shell
Stageless: Entire payload is sent at once; larger but avoids second connection step
Q.21
How does shikata_ga_nai work in Metasploit?
It's an encoder that performs polymorphic XOR encoding. It helps obfuscate payloads to evade AV detection. It uses random instruction sets for each encoding iteration.
Q.22
What is session migration in Meterpreter and why is it used?
migrate moves the Meterpreter session into another process (e.g., explorer.exe) to maintain persistence, evade detection, or gain higher privileges.
Q.23
What is the difference between inline and staged payloads?
Inline (non-staged): Entire payload is sent at once. More reliable but larger.
Staged: Initial stager connects back and pulls the second stage. Smaller, stealthier.
Q.24
How does Metasploit handle cross-platform exploitation?
It supports platform-agnostic modules (e.g., exploit/multi/handler) and platform-specific payloads (windows, linux, android). You choose the appropriate payload for the target OS.
Q.25
What is Metasploit?
Metasploit is an open-source penetration testing framework used by security professionals to find, exploit, and validate vulnerabilities in systems. It supports tasks like exploit development, payload generation, post-exploitation, and more.