Book Image

Mastering Metasploit - Third Edition

By : Nipun Jaswal
Book Image

Mastering Metasploit - Third Edition

By: Nipun Jaswal

Overview of this book

We start by reminding you about the basic functionalities of Metasploit and its use in the most traditional ways. You’ll get to know about the basics of programming Metasploit modules as a refresher and then dive into carrying out exploitation as well building and porting exploits of various kinds in Metasploit. In the next section, you’ll develop the ability to perform testing on various services such as databases, Cloud environment, IoT, mobile, tablets, and similar more services. After this training, we jump into real-world sophisticated scenarios where performing penetration tests are a challenge. With real-life case studies, we take you on a journey through client-side attacks using Metasploit and various scripts built on the Metasploit framework. By the end of the book, you will be trained specifically on time-saving techniques using Metasploit.
Table of Contents (14 chapters)

Naming conventions

In a sizeable penetration test scenario, we may get a large number of system and Meterpreter shells. In such cases, it is better to name all the shells for easy identification. Consider the following scenario:

We can name a shell using the -n switch, as shown in the following screenshot:

The naming seems better and easy to remember, as we can see in the preceding screenshot.

Changing the prompt and making use of database variables

How cool is it to work on your favorite penetration testing framework and have your prompt? Very easy, I would say. To have your prompt in Metasploit, all you need to do is to set a prompt variable to anything of your choice. Taking the fun apart, suppose that you tend to forget...