9. Speeding up Penetration Testing | Mastering Metasploit

Sign In Start Free Trial

Book Overview & Buying
Table Of Contents

Mastering Metasploit - Second Edition

By : Nipun Jaswal

3.2 (5)

Mastering Metasploit

3.2 (5)

By: Nipun Jaswal

Overview of this book

Metasploit is a popular penetration testing framework that has one of the largest exploit databases around. This book will show you exactly how to prepare yourself against the attacks you will face every day by simulating real-world possibilities. We start by reminding you about the basic functionalities of Metasploit and its use in the most traditional ways. You’ll get to know about the basics of programming Metasploit modules as a refresher, and then dive into carrying out exploitation as well building and porting exploits of various kinds in Metasploit. In the next section, you’ll develop the ability to perform testing on various services such as SCADA, databases, IoT, mobile, tablets, and many more services. After this training, we jump into real-world sophisticated scenarios where performing penetration tests are a challenge. With real-life case studies, we take you on a journey through client-side attacks using Metasploit and various scripts built on the Metasploit framework. By the end of the book, you will be trained specifically on time-saving techniques using Metasploit.

Preface

Preface

What this book covers

What you need for this book

Who this book is for

Conventions

Reader feedback

Customer support

Free Chapter

1. Approaching a Penetration Test Using Metasploit

1. Approaching a Penetration Test Using Metasploit

Organizing a penetration test

Preinteractions

Intelligence gathering/reconnaissance phase

Predicting the test grounds

Setting up Kali Linux in virtual environment

The fundamentals of Metasploit

Conducting a penetration test with Metasploit

Benefits of penetration testing using Metasploit

Penetration testing an unknown network

Using databases in Metasploit

Modeling threats

Vulnerability analysis of VSFTPD 2.3.4 backdoor

Vulnerability analysis of PHP-CGI query string parameter vulnerability

Vulnerability analysis of HFS 2.3

Maintaining access

Clearing tracks

Revising the approach

Summary

2. Reinventing Metasploit

2. Reinventing Metasploit

Ruby – the heart of Metasploit

Developing custom modules

Breakthrough meterpreter scripting

Working with RailGun

Summary

3. The Exploit Formulation Process

3. The Exploit Formulation Process

The absolute basics of exploitation

Exploiting stack-based buffer overflows with Metasploit

Exploiting SEH-based buffer overflows with Metasploit

Bypassing DEP in Metasploit modules

Other protection mechanisms

Summary

4. Porting Exploits

4. Porting Exploits

Importing a stack-based buffer overflow exploit

Importing web-based RCE into Metasploit

Importing TCP server/ browser-based exploits into Metasploit

Summary

5. Testing Services with Metasploit

5. Testing Services with Metasploit

The fundamentals of SCADA

Database exploitation

Testing VOIP services

Summary

6. Virtual Test Grounds and Staging

6. Virtual Test Grounds and Staging

Performing a penetration test with integrated Metasploit services

Summary

7. Client-side Exploitation

7. Client-side Exploitation

Exploiting browsers for fun and profit

Metasploit and Arduino - the deadly combination

File format-based exploitation

Compromising Linux clients with Metasploit

Attacking Android with Metasploit

Summary

8. Metasploit Extended

8. Metasploit Extended

The basics of post exploitation with Metasploit

Basic post exploitation commands

Advanced post exploitation with Metasploit

Additional post exploitation modules

Advanced extended features of Metasploit

Summary

9. Speeding up Penetration Testing

9. Speeding up Penetration Testing

Using pushm and popm commands

The loadpath command

Pacing up development using reload, edit and reload_all commands

Making use of resource scripts

Using AutoRunScript in Metasploit

Globalizing variables in Metasploit

Automating Social-Engineering Toolkit

Summary

10. Visualizing with Armitage

10. Visualizing with Armitage

The fundamentals of Armitage

Scanning networks and host management

Exploitation with Armitage

Post-exploitation with Armitage

Attacking on the client side with Armitage

Scripting Armitage

Summary

Further reading

Pacing up development using reload, edit and reload_all commands

During the development phase of a module, we may need to test a module several times. Shutting down Metasploit every time while making changes to the new module is a tedious, tiresome, and time-consuming task. There must be a mechanism to make the module development an easy, short, and fun task. Fortunately, Metasploit provides the reload, edit, and reload_all commands, which make the life of module developers comparatively easy. We can edit any Metasploit module on the fly using the edit command and reload the edited module using the reload command without shutting down Metasploit. If changes are made in multiple modules, we can use the reload_all command to reload all Metasploit modules at once.

Let's look at an example:

In the preceding screenshot, we are editing the freefloatftp_user.rb exploit from the exploit/windows/ftp directory because we issued the edit command. We changed the payload size from 444 to 448 and saved...

CONTINUE READING

83

Tech Concepts

36

Programming languages

73

Tech Tools

Unlimited access to the largest independent learning library in tech of over 8,000 expert-authored tech books and videos.

Innovative learning tools, including AI book assistants, code context explainers, and text-to-speech.

50+ new titles added per month and exclusive early access to books as they are being written.

Mastering Metasploit

Search

Your notes and bookmarks