Book Image

Mastering Metasploit - Third Edition

By : Nipun Jaswal
Book Image

Mastering Metasploit - Third Edition

By: Nipun Jaswal

Overview of this book

We start by reminding you about the basic functionalities of Metasploit and its use in the most traditional ways. You’ll get to know about the basics of programming Metasploit modules as a refresher and then dive into carrying out exploitation as well building and porting exploits of various kinds in Metasploit. In the next section, you’ll develop the ability to perform testing on various services such as databases, Cloud environment, IoT, mobile, tablets, and similar more services. After this training, we jump into real-world sophisticated scenarios where performing penetration tests are a challenge. With real-life case studies, we take you on a journey through client-side attacks using Metasploit and various scripts built on the Metasploit framework. By the end of the book, you will be trained specifically on time-saving techniques using Metasploit.
Table of Contents (14 chapters)

Post-exploitation with Armitage

Armitage makes post-exploitation as easy as clicking on a button. To execute post-exploitation modules, right-click on the exploited host and choose Meterpreter 4 as follows:

Choosing Meterpreter will present all the post-exploitation modules in sections. If we want to elevate privileges or gain system-level access, we will navigate to the Access submenu and click on the appropriate button, depending on our requirements.

The Interact submenu will provide options for getting a command prompt, another Meterpreter, and so on. The Explore submenu will offer options such as Browse Files, Show Processes, Log Keystrokes, Screenshot, Webcam Shot, and Post Modules, which are used to launch other post-exploitation modules that are not present in this submenu.

This is shown in the following screenshot:

Let's run a simple post-exploitation module by...