Log In
Or create an account ->
Imperial Library
Home
About
News
Upload
Forum
Help
Login/SignUp
Index
Copyright
Credits
About the Author
About the Reviewer
www.PacktPub.com
Customer Feedback
Preface
What this book covers
What you need for this book
Who this book is for
Conventions
Reader feedback
Customer support
Downloading the color images of this book
Errata
Piracy
Questions
Getting Started with Metasploit
Setting up Kali Linux in a virtual environment
The fundamentals of Metasploit
Basics of Metasploit Framework
Architecture of Metasploit
Metasploit Framework console and commands
Benefits of using Metasploit
Penetration testing with Metasploit
Assumptions and testing setup
Phase-I: footprinting and scanning
Phase-II: gaining access to the target
Phase-III: maintaining access / post-exploitation / covering tracks
Summary and exercises
Identifying and Scanning Targets
Working with FTP servers using Metasploit
Scanning FTP services
Modifying scanner modules for fun and profit
Scanning MSSQL servers with Metasploit
Using the mssql_ping module
Brute-forcing MSSQL passwords
Scanning SNMP services with Metasploit
Scanning NetBIOS services with Metasploit
Scanning HTTP services with Metasploit
Scanning HTTPS/SSL with Metasploit
Module building essentials
The format of a Metasploit module
Disassembling existing HTTP server scanner modules
Libraries and the function
Summary and exercises
Exploitation and Gaining Access
Setting up the practice environment
Exploiting applications with Metasploit
Using db_nmap in Metasploit
Exploiting Desktop Central 9 with Metasploit
Testing the security of a GlassFish web server with Metasploit
Exploiting FTP services with Metasploit
Exploiting browsers for fun and profit
The browser autopwn attack
The technology behind a browser autopwn attack
Attacking browsers with Metasploit browser_autopwn
Attacking Android with Metasploit
Converting exploits to Metasploit
Gathering the essentials
Generating a Metasploit module
Exploiting the target application with Metasploit
Summary and exercises
Post-Exploitation with Metasploit
Extended post-exploitation with Metasploit
Basic post-exploitation commands
The help menu
Background command
Machine ID and the UUID command
Networking commands
File operation commands
Desktop commands
Screenshots and camera enumeration
Advanced post-exploitation with Metasploit
Migrating to safer processes
Obtaining system privileges
Changing access, modification, and creation time with timestomp
Obtaining password hashes using hashdump
Metasploit and privilege escalation
Escalating privileges on Windows Server 2008
Privilege escalation on Linux with Metasploit
Gaining persistent access with Metasploit
Gaining persistent access on Windows-based systems
Gaining persistent access on Linux systems
Summary
Testing Services with Metasploit
Testing MySQL with Metasploit
Using Metasploit's mysql_version module
Brute-forcing MySQL with Metasploit
Finding MySQL users with Metasploit
Dumping the MySQL schema with Metasploit
Using file enumeration in MySQL using Metasploit
Checking for writable directories
Enumerating MySQL with Metasploit
Running MySQL commands through Metasploit
Gaining system access through MySQL
The fundamentals of SCADA
Analyzing security in SCADA systems
The fundamentals of testing SCADA
SCADA-based exploits
Implementing secure SCADA
Restricting networks
Testing Voice over Internet Protocol services
VoIP fundamentals
Fingerprinting VoIP services
Scanning VoIP services
Spoofing a VoIP call
Exploiting VoIP
About the vulnerability
Exploiting the application
Summary and exercises
Fast-Paced Exploitation with Metasploit
Using pushm and popm commands
Making use of resource scripts
Using AutoRunScript in Metasploit
Using the multiscript module in the AutoRunScript option
Global variables in Metasploit
Wrapping up and generating manual reports
The format of the report
The executive summary
Methodology/network admin-level report
Additional sections
Summary and preparation for real-world scenarios
Exploiting Real-World Challenges with Metasploit
Scenario 1: Mirror environment
Understanding the environment
Fingerprinting the target with DB_NMAP
Gaining access to vulnerable web applications
Migrating from a PHP meterpreter to a Windows meterpreter
Pivoting to internal networks
Scanning internal networks through a meterpreter pivot
Using the socks server module in Metasploit
Dumping passwords in clear text
Sniffing a network with Metasploit
Summary of the attack
Scenario 2: You can't see my meterpreter
Using shellcode for fun and profit
Encrypting the shellcode
Creating a decoder executable
Further roadmap and summary
← Prev
Back
Next →
← Prev
Back
Next →