Book Image

Metasploit Penetration Testing Cookbook - Third Edition

By : Daniel Teixeira, Abhinav Singh, Nipun Jaswal, Monika Agarwal
Book Image

Metasploit Penetration Testing Cookbook - Third Edition

By: Daniel Teixeira, Abhinav Singh, Nipun Jaswal, Monika Agarwal

Overview of this book

Metasploit is the world's leading penetration testing tool and helps security and IT professionals find, exploit, and validate vulnerabilities. Metasploit allows penetration testing automation, password auditing, web application scanning, social engineering, post exploitation, evidence collection, and reporting. Metasploit's integration with InsightVM (or Nexpose), Nessus, OpenVas, and other vulnerability scanners provides a validation solution that simplifies vulnerability prioritization and remediation reporting. Teams can collaborate in Metasploit and present their findings in consolidated reports. In this book, you will go through great recipes that will allow you to start using Metasploit effectively. With an ever increasing level of complexity, and covering everything from the fundamentals to more advanced features in Metasploit, this book is not just for beginners but also for professionals keen to master this awesome tool. You will begin by building your lab environment, setting up Metasploit, and learning how to perform intelligence gathering, threat modeling, vulnerability analysis, exploitation, and post exploitation—all inside Metasploit. You will learn how to create and customize payloads to evade anti-virus software and bypass an organization's defenses, exploit server vulnerabilities, attack client systems, compromise mobile phones, automate post exploitation, install backdoors, run keyloggers, highjack webcams, port public exploits to the framework, create your own modules, and much more.

Related Content you might be interested in

Current Title:

Small book image
Metasploit Penetration Testing Cookbook - Third Edition
Daniel Teixeira | Abhinav Singh | Nipun Jaswal | Monika Agarwal
Feb, 2018 | 426 pages
Small book image
Mastering Metasploit
Nipun Jaswal
Jun, 2020 | 502 pages
Small book image
Metasploit for Beginners
Sagar Rahalkar
Jul, 2017 | 190 pages
Small book image
Industrial Cybersecurity
Pascal Ackerman
Oct, 2017 | 456 pages
Table of Contents (20 chapters)
Title Page
Title Page
Copyright and Credits
Copyright and Credits
Contributors
Contributors
Packt Upsell
Packt Upsell
Preface
Preface
Free Chapter
1
Metasploit Quick Tips for Security Professionals
Metasploit Quick Tips for Security Professionals
Introduction
Installing Metasploit on Windows
Installing Linux and macOS
Installing Metasploit on macOS
Using Metasploit in Kali Linux
Setting up a penetration-testing lab
Setting up SSH connectivity
Connecting to Kali using SSH
Configuring PostgreSQL
Creating  workspaces
Using the database
Using the hosts command
Understanding the services command
2
Information Gathering and Scanning
Information Gathering and Scanning
Introduction
Passive information gathering with Metasploit
Active information gathering with Metasploit
Port scanning—the Nmap way
Port scanning—the db_nmap way
Host discovery with ARP Sweep
UDP Service Sweeper
SMB scanning and enumeration
Detecting SSH versions with the SSH Version Scanner
FTP scanning
SMTP enumeration
SNMP enumeration
HTTP scanning
WinRM scanning and brute forcing
Integrating with Nessus
Integrating with NeXpose
Integrating with OpenVAS
3
Server-Side Exploitation
Server-Side Exploitation
Introduction
Exploiting a Linux server
SQL injection
Types of shell
Exploiting a Windows Server machine
Exploiting common services
MS17-010 EternalBlue SMB Remote Windows Kernel Pool Corruption
MS17-010 EternalRomance/EternalSynergy/EternalChampion
Installing backdoors
Denial of Service
4
Meterpreter
Meterpreter
Introduction
Understanding the Meterpreter core commands
Understanding the Meterpreter filesystem commands
Understanding Meterpreter networking commands
Understanding the Meterpreter system commands
Setting up multiple communication channels with the target
Meterpreter anti-forensics
The getdesktop and keystroke sniffing
Using a scraper Meterpreter script
Scraping the system using winenum
Automation with AutoRunScript
Meterpreter resource scripts
Meterpreter timeout control
Meterpreter sleep control
Meterpreter transports
Interacting with the registry
Loading framework plugins
Meterpreter API and mixins
Railgun—converting Ruby into a weapon
Adding DLL and function definitions to Railgun
Injecting the VNC server remotely
Enabling Remote Desktop
5
Post-Exploitation
Post-Exploitation
Introduction
Post-exploitation modules
Bypassing UAC
Dumping the contents of the SAM database
Passing the hash
Incognito attacks with Meterpreter
Using Mimikatz
Setting up a persistence with backdoors
Becoming TrustedInstaller
Backdooring Windows binaries
Pivoting with Meterpreter
Port forwarding with Meterpreter
Credential harvesting
Enumeration modules
Autoroute and socks proxy server
Analyzing an existing post-exploitation module
Writing a post-exploitation module
6
Using MSFvenom
Using MSFvenom
Introduction
Payloads and payload options
Encoders
Output formats
Templates
Meterpreter payloads with trusted certificates
7
Client-Side Exploitation and Antivirus Bypass
Client-Side Exploitation and Antivirus Bypass
Introduction
Exploiting a Windows 10 machine
Bypassing antivirus and IDS/IPS
Metasploit macro exploits
Human Interface Device attacks
HTA attack
Backdooring executables using a MITM attack
Creating a Linux trojan
Creating an Android backdoor
8
Social-Engineer Toolkit
Social-Engineer Toolkit
Introduction
Getting started with the Social-Engineer Toolkit
Working with the spear-phishing attack vector
Website attack vectors
Working with the multi-attack web method
Infectious media generator
9
Working with Modules for Penetration Testing
Working with Modules for Penetration Testing
Introduction
Working with auxiliary modules
DoS attack modules
Post-exploitation modules
Understanding the basics of module building
Analyzing an existing module
Building your own post-exploitation module
Building your own auxiliary module
10
Exploring Exploits
Exploring Exploits
Introduction
Common exploit mixins
Exploiting the module structure
Using MSFvenom to generate shellcode
Converting an exploit to a Metasploit module
Porting and testing the new exploit module
Fuzzing with Metasploit
Writing a simple fuzzer
11
Wireless Network Penetration Testing
Wireless Network Penetration Testing
Introduction
Metasploit and wireless
Understanding an evil twin attack
Configuring Karmetasploit
Wireless MITM attacks
SMB relay attacks
12
Cloud Penetration Testing
Cloud Penetration Testing
Introduction
Metasploit in the cloud
Metasploit PHP Hop
Phishing from the cloud
Setting up a cloud penetration testing lab
13
Best Practices
Best Practices
Introduction
Best practices
Using Metasploit over the Tor network
Metasploit logging
Documentation
Cleaning up
Other Books You May Enjoy
Other Books You May Enjoy
Leave a review - let other readers know what you think
Index
Index

Contributors

About the authors

Daniel Teixeira is an IT security expert, author, and trainer, specializing in red team engagements, penetration testing, and vulnerability assessments. His main areas of focus are adversary simulation, emulation of modern adversarial tactics, techniques and procedures; vulnerability research, and exploit development.

To my wife and daughter for their continued support, patience, and encouragement, and to my parents, for without them, none of this would have been possible.

Abhinav Singh is a well-known information security researcher. He is the author of Metasploit Penetration Testing Cookbook (first and second editions) and Instant Wireshark Starter, by Packt. He is an active contributor to the security community—paper publications, articles, and blogs. His work has been quoted in several security and privacy magazines, and digital portals. He is a frequent speaker at eminent international conferences—Black Hat and RSA. His areas of expertise include malware research, reverse engineering, enterprise security, forensics, and cloud security.

I'd like to thank my grandparents for their blessings and my parents for their constant support—without them, nothing would've been possible in this world. I'd like to thank my sister for being my doctor and taking care of my fatigue level; my wife for being my constant timekeeper and a patient listener; Manchester United for teaching me the value of hard work; and Packt for helping me reach a major career milestone.

 

 

Monika Agarwal is a young Information Security Researcher from India. She has presented many research papers at both national and international conferences. She is a member of IAENG (International Association of Engineers). Her main areas of interest are ethical hacking and ad hoc networking.

I would like to thank my parents, my husband, Nikhil, and give special thanks to my father-in-law and mother-in-law for always being so supportive. And last but not the least, Packt, for giving me this opportunity.

Packt is searching for authors like you

If you're interested in becoming an author for Packt, please visit authors.packtpub.com and apply today. We have worked with thousands of developers and tech professionals, just like you, to help them share their insight with the global tech community. You can make a general application, apply for a specific hot topic that we are recruiting an author for, or submit your own idea.

 

Previous Section
Next Chapter