7. Client-side Exploitation | Mastering Metasploit

Sign In Start Free Trial

Book Overview & Buying
Table Of Contents
Feedback & Rating

Mastering Metasploit - Second Edition

By : Nipun Jaswal

3.2 (5)

Mastering Metasploit

3.2 (5)

By: Nipun Jaswal

Overview of this book

Metasploit is a popular penetration testing framework that has one of the largest exploit databases around. This book will show you exactly how to prepare yourself against the attacks you will face every day by simulating real-world possibilities. We start by reminding you about the basic functionalities of Metasploit and its use in the most traditional ways. You’ll get to know about the basics of programming Metasploit modules as a refresher, and then dive into carrying out exploitation as well building and porting exploits of various kinds in Metasploit. In the next section, you’ll develop the ability to perform testing on various services such as SCADA, databases, IoT, mobile, tablets, and many more services. After this training, we jump into real-world sophisticated scenarios where performing penetration tests are a challenge. With real-life case studies, we take you on a journey through client-side attacks using Metasploit and various scripts built on the Metasploit framework. By the end of the book, you will be trained specifically on time-saving techniques using Metasploit.

Preface

Preface

What this book covers

What you need for this book

Who this book is for

Conventions

Reader feedback

Customer support

Free Chapter

1. Approaching a Penetration Test Using Metasploit

1. Approaching a Penetration Test Using Metasploit

Organizing a penetration test

Preinteractions

Intelligence gathering/reconnaissance phase

Predicting the test grounds

Setting up Kali Linux in virtual environment

The fundamentals of Metasploit

Conducting a penetration test with Metasploit

Benefits of penetration testing using Metasploit

Penetration testing an unknown network

Using databases in Metasploit

Modeling threats

Vulnerability analysis of VSFTPD 2.3.4 backdoor

Vulnerability analysis of PHP-CGI query string parameter vulnerability

Vulnerability analysis of HFS 2.3

Maintaining access

Clearing tracks

Revising the approach

Summary

2. Reinventing Metasploit

2. Reinventing Metasploit

Ruby – the heart of Metasploit

Developing custom modules

Breakthrough meterpreter scripting

Working with RailGun

Summary

3. The Exploit Formulation Process

3. The Exploit Formulation Process

The absolute basics of exploitation

Exploiting stack-based buffer overflows with Metasploit

Exploiting SEH-based buffer overflows with Metasploit

Bypassing DEP in Metasploit modules

Other protection mechanisms

Summary

4. Porting Exploits

4. Porting Exploits

Importing a stack-based buffer overflow exploit

Importing web-based RCE into Metasploit

Importing TCP server/ browser-based exploits into Metasploit

Summary

5. Testing Services with Metasploit

5. Testing Services with Metasploit

The fundamentals of SCADA

Database exploitation

Testing VOIP services

Summary

6. Virtual Test Grounds and Staging

6. Virtual Test Grounds and Staging

Performing a penetration test with integrated Metasploit services

Summary

7. Client-side Exploitation

7. Client-side Exploitation

Exploiting browsers for fun and profit

Metasploit and Arduino - the deadly combination

File format-based exploitation

Compromising Linux clients with Metasploit

Attacking Android with Metasploit

Summary

8. Metasploit Extended

8. Metasploit Extended

The basics of post exploitation with Metasploit

Basic post exploitation commands

Advanced post exploitation with Metasploit

Additional post exploitation modules

Advanced extended features of Metasploit

Summary

9. Speeding up Penetration Testing

9. Speeding up Penetration Testing

Using pushm and popm commands

The loadpath command

Pacing up development using reload, edit and reload_all commands

Making use of resource scripts

Using AutoRunScript in Metasploit

Globalizing variables in Metasploit

Automating Social-Engineering Toolkit

Summary

10. Visualizing with Armitage

10. Visualizing with Armitage

The fundamentals of Armitage

Scanning networks and host management

Exploitation with Armitage

Post-exploitation with Armitage

Attacking on the client side with Armitage

Scripting Armitage

Summary

Further reading

Customer Reviews

3.2 (5)

5 star

40%

4 star

20%

3 star

0%

2 star

0%

1 star

40%

Compromising Linux clients with Metasploit

It is quite easy to spawn a shell on a Linux box with Metasploit using elf files in a similar way that we did for Windows boxes using executables (.exe). We simply need to create an elf file using msfvenom and then pass it onto the Linux system. We will require an exploit handler to handle all communications from the exploited system as well. Let's see how we can compromise a Linux box with ease:

We created an elf file and copied it to Apache's public directory, exactly the way we did in the previous examples of msfvenom. The only difference is that the elf is the default binary format for Linux systems, while exe is the default format for Windows. The next step is to gain access to the target system physically or by sending the malicious file. Let's say we got physical access to the system and performed the following steps:

We downloaded the file using the wget utility and gave full permissions to the file using the chmod utility.

Tip

Allowing...

Visually different images

CONTINUE READING

83

Tech Concepts

36

Programming languages

73

Tech Tools

Unlimited access to the largest independent learning library in tech of over 8,000 expert-authored tech books and videos.

Innovative learning tools, including AI book assistants, code context explainers, and text-to-speech.

50+ new titles added per month and exclusive early access to books as they are being written.

Mastering Metasploit

Search

Your notes and bookmarks