Fear the Metasploit Framework

By | September 27, 2006

The Metasploit Project is one of the most popular penetration testing suites available. If you´re responsible for the security of networked systems, you´ll want to become familiar with Metasploit Framework, so you can test your client PCs before someone with malicious intent does it for you. I´ll walk you through an example exploit of a Windows XP system to show you how effortlessly Metasploit can penetrate remote systems.

I used the version 2.6, the current stable version. Grab the stable tarball for Linux, unpack it, enter the just created framework-2.6 subdirectory, and take a look around. Among other things, you´ll find nine interesting executable Perl scripts. The first one — msfconsole — is the one that black hats can use to do penetration testing using a variety of exploits and payloads across a range of target platforms, and the one I´ll walk through here.

Don´t ignore the other scripts, though. Msfelfscan, for example, can be used to locate interesting addresses within executable and linkable format (ELF) programs, which may prove useful in developing exploits. Msfpescan does the same thing for Windows binaries. If you already know the exploit, payload, target, and options for a test, you might find Msfcli a more efficient way to launch the test than the framework itself.Read Full Story

Leave a Reply