Book Image

Mastering Metasploit - Third Edition

By : Nipun Jaswal
Book Image

Mastering Metasploit - Third Edition

By: Nipun Jaswal

Overview of this book

We start by reminding you about the basic functionalities of Metasploit and its use in the most traditional ways. You’ll get to know about the basics of programming Metasploit modules as a refresher and then dive into carrying out exploitation as well building and porting exploits of various kinds in Metasploit. In the next section, you’ll develop the ability to perform testing on various services such as databases, Cloud environment, IoT, mobile, tablets, and similar more services. After this training, we jump into real-world sophisticated scenarios where performing penetration tests are a challenge. With real-life case studies, we take you on a journey through client-side attacks using Metasploit and various scripts built on the Metasploit framework. By the end of the book, you will be trained specifically on time-saving techniques using Metasploit.
Table of Contents (14 chapters)

Bypassing Windows firewall blocked ports

When we try to execute Meterpreter on a Windows target system, we may never get Meterpreter access. This is common in situations where an administrator has blocked a particular set of ports on the system. In this example, let's try circumventing such cases with a smart Metasploit payload. Let's quickly set up a scenario as follows:

We can see that we have set up a new firewall rule and specified port numbers 4444-6666. Proceeding to the next step, we will choose to block these outbound ports, as shown in the following screenshot:

Let's check the firewall status and our rule:

We can see that the rule is set up and our firewall is enabled on both home and public networks. Consider that we have Disk Pulse Enterprise software running at the target. We already saw in the previous chapters that we can exploit this software....