Book Image

Learning Metasploit Exploitation and Development

By : Aditya Balapure
Book Image

Learning Metasploit Exploitation and Development

By: Aditya Balapure

Overview of this book

<p>Metasploit is an open source exploit framework that provides you with heaps of exploits, as well as tools to assist you in creating your own exploits. This includes the ability to generate a large range of shellcodes for different purposes and platforms that can be customized to attack your target. The recent improvements in network security mechanisms have given rise to new trends and techniques of compromising a network. This book deals with these recent trends and attack tips to compromise the weakest to the strongest of networks. Metasploit Exploitation and Development describes actual penetration testing skills and ways to penetrate and assess different types of networks.<br /><br />Metasploit Exploitation and Development is a perfect fit for hackers who want to develop some real exploitation skills. This book has been designed with a practical approach which emphasizes hands-on rather than theoretical reading. It covers all the new exploits for new operating systems and tips from the experience of real hackers. This is a best buy book for learning the art of exploitation and skills of a penetration tester.<br /><br />Metasploit Exploitation and Development is a guide to real network hacking with the best tricks to master the art of exploitation.</p> <p><br />This book has been designed in well-defined stages so the reader learns more effectively. From the actual setup to vulnerability assessment, this book provides an individual with in-depth knowledge of an expert penetration tester. The book deals with vulnerability assessment exercises with some of the industrially-used tools and report-making tips. It covers topics such as client exploitation, backdoors, post exploitation, and also exploitation development with Metasploit.<br />This book has been developed with a practical hands-on approach so that readers can effectively try and test what they actually read.</p> <p><br />Metasploit Exploitation and Development covers the experience of real network hacking with some of the latest operating systems. The readers will go through a journey in which they will learn from basic to advanced levels of the art of exploitation.</p> <p><br />This book covers real hacking and exploitation of the current vulnerabilities in some of the latest operating systems.</p>

Related Content you might be interested in

Current Title:

Small book image
Learning Metasploit Exploitation and Development
Aditya Balapure
Jul, 2013 | 294 pages
No titles found
Table of Contents (20 chapters)
Learning Metasploit Exploitation and Development
Learning Metasploit Exploitation and Development
Credits
Credits
About the Author
About the Author
About the Reviewers
About the Reviewers
www.PacktPub.com
www.PacktPub.com
Preface
Preface
Free Chapter
1
Lab Setup
Lab Setup
Installing Oracle VM VirtualBox
Installing WindowsXP on Oracle VM VirtualBox
Installing BackTrack5 R2 on Oracle VM Virtual Box
Summary
2
Metasploit Framework Organization
Metasploit Framework Organization
Metasploit interfaces and basics
Exploit modules
Payloads – in-depth
Summary
References
3
Exploitation Basics
Exploitation Basics
Basic terms of exploitation
Summary
References
4
Meterpreter Basics
Meterpreter Basics
Working of the Meterpreter
Meterpreter in action
Summary
References
5
Vulnerability Scanning and Information Gathering
Vulnerability Scanning and Information Gathering
Information Gathering through Metasploit
Active Information Gathering
Working with Nmap
Working with Nessus
Report importing in Metasploit
Summary
References
6
Client-side Exploitation
Client-side Exploitation
What are client-side attacks?
Summary
References
7
Post Exploitation
Post Exploitation
What is post exploitation?
Summary
References
8
Post Exploitation – Privilege Escalation
Post Exploitation – Privilege Escalation
Understanding Privilege Escalation
Summary
References
9
Post Exploitation – Cleaning Up Traces
Post Exploitation – Cleaning Up Traces
Disabling firewalls and other network defenses
Summary
References
10
Post Exploitation – Backdoors
Post Exploitation – Backdoors
What is a backdoor?
Creating an EXE backdoor
Summary
References
11
Post Exploitation – Pivoting and Network Sniffing
Post Exploitation – Pivoting and Network Sniffing
What is pivoting?
Pivoting in a network
Sniffing in a network
Summary
References
12
Exploit Research with Metasploit
Exploit Research with Metasploit
Exploit writing tips and tricks
Writing exploits
Scripting with Metasploit
Summary
References
13
Using Social Engineering Toolkit and Armitage
Using Social Engineering Toolkit and Armitage
Understanding the Social Engineering Toolkit
Armitage
Summary
References
Index
Index

Chapter 1. Lab Setup

In this chapter we are going to demonstrate the complete lab setup needed for the practical, hands-on working experience with this book. To set up the lab we need three things: Oracle VM VirtualBox, Microsoft Windows XP SP2, and BackTrack 5 R2.

Oracle VM VirtualBox is a product of Sun Microsystems. It is a software virtualization application and is used for running multiple operating systems on a single computer. It supports many operating systems including Linux, Macintosh, Sun Solaris, BSD, and OS/2. Each virtual machine can execute its own operating system in parallel with the host operating system. It also supports Network adapters, USB devices, and Physical disk drives within a virtual machine.

Microsoft Windows XP is an operating system produced by the Microsoft Corporation. It is primarily used for personal computers and laptops.

BackTrack is a Linux-based freeware operating system. It is widely used by security professionals and penetration testers. It consists of a lot of open source tools for penetration testing and digital forensics.

Now we will install both operating systems in Oracle VM VirtualBox, and use BackTrack as an attacker machine and Windows XP as the victim machine.

Previous Section
End of Section 1
Next Section