BSides Algiers - Metasploit framework - Oussama Elhamer


Published in: Technology, Education

  1. The Metasploit Framework
     By Elhamer Oussama Abdelkhalek
  2. Contents:
     • Introduction:
       I. Basics.
       II. Running an attack the old-fashioned way.
       III. Overview of the Metasploit project and framework.
       IV. Run the same attack using Metasploit.
     • Metasploit overview and basic framework usage:
       I. Metasploit architecture.
       II. Consoles.
     • Meterpreter basics and overview.
  3. Exploitation!
     • Vulnerability: a weakness which allows an attacker to break into a system's security.
     • Exploit: code which allows an attacker to take advantage of a vulnerable system.
     • Payload: code that runs on the system after exploitation.
  4. Vulnerability - Exploit - Payload
  5. Order of execution:
     • 1. The exploit runs first.
     • 2. The payload runs next, if the exploit succeeds.
     • [Diagram: attacker, exploit + payload, vulnerable system; data download, uploading malware …]
  6. Run an exploit the old-fashioned way.
     • The vulnerability: RPC DCOM, the buffer overflow in the RPC interface.
     • The exploit and the payload are available.
  7. The problem!
     • A lot of exploits!
     • Hard to customize the payload.
     • Testing exploit research is painful!
     • Metasploit is a shortcut.
  8. What is Metasploit?
     • Metasploit has come to be synonymous with the Metasploit Framework.
     • The Metasploit Project, whose goal is to provide information that will be useful in:
       I. Penetration testing.
       II. IDS signatures.
       III. Exploit research.
     • Developed by H. D. Moore in 2003, then acquired by Rapid7.
     • Primarily written in Perl,
     • then rewritten in Ruby: "largest program ever written in Ruby"!!
     • The framework is an open-source platform for developing, testing and using exploit code.
     • The current "stable" version is version 4.
     • Similar to the commercial projects Canvas (Immunity) and Impact (Core).
  9. Benefits
     • Over 600 tested exploits and 200 payloads!
     • Plug and play of payloads with exploits:
       - matching the payload with the exploit;
       - trying different payloads with the same exploit code.
     • Lots of tools and features for better and faster pentests.
  10. Using Metasploit
     • Show – list modules available (exploits, payloads, etc.)
     • Use – use a specific exploit module
     • Set – set specific variables (case sensitive)
     • RHOST – remote host (who we're attacking)
     • PAYLOAD – the payload to carry
     • LHOST – local host (for the phone-home attacks, reverse shell)
     • Exploit – run the exploit.
     • RPC DCOM using Metasploit.
  11. Using Metasploit:
  12. Metasploit Architecture:
  13. Meterpreter
     • What we are looking for is a payload which:
       - avoids creation of a new process;
       - runs in the exploited process's context;
       - does not create a new file on disk;
       - imports more functionality (extending) and is not limited to the commands of the created remote shell.
     • That is exactly what Meterpreter does!
  14. Meterpreter Basics
     • Post-exploitation tool.
     • Works by using in-memory DLL injection.
     • Does not create any files on disk.
     • Uses encrypted communication between client and attacker.
     • Stable, flexible and extensible!
     • Can be extended at runtime by shipping DLLs to the victim.
  15. How It Works
     • When the exploit succeeds:
     • Exploit and run the first payload.
     • Payload connects back to MSF.
     • 2nd-stage DLL injection payload sent.
     • MSF sends the Meterpreter server DLL.
     • Client and server communication.
  16. Using Meterpreter
     • DEMO
  17. Client-Server Communication in Meterpreter
     • The communication is encrypted.
     • In the form of TLVs (Type Length Value).
     • So multiple channels of communication can use the same client-server connection.
     • Allows for multiple programs running on the victim to communicate at the same time.
     • Demo.
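
The multiplexing idea on the last slide, as an added example (not from the slides and not Metasploit's own code): a TLV parser that reassembles per-channel data from one byte stream, with the length checks a protocol dissector needs. The record layout, the type numbers, the size cap and the helper names are all assumptions made for illustration; this is not Meterpreter's actual wire format, and it works on already-decrypted bytes.

```ruby
# Added example: generic TLV framing, NOT Meterpreter's actual wire format.
# Assumed layout: 4-byte big-endian type, 4-byte big-endian value length, value.
TYPE_PACKET     = 1   # value is a run of nested TLVs
TYPE_CHANNEL_ID = 2   # value is a 4-byte big-endian channel number
TYPE_DATA       = 3   # value is opaque channel payload
MAX_VALUE_LEN   = 64 * 1024 # reject absurd lengths before buffering them
def tlv(type, value)
  [type, value.bytesize].pack('NN') + value.b
end

# Parse every complete TLV in buf; return [records, unconsumed_tail].
def parse_tlvs(buf)
  records = []
  pos = 0
  while buf.bytesize - pos >= 8
    type, len = buf.byteslice(pos, 8).unpack('NN')
    raise ArgumentError, "length #{len} exceeds cap" if len > MAX_VALUE_LEN
    break if buf.bytesize - pos - 8 < len # value not fully received yet
    records << [type, buf.byteslice(pos + 8, len)]
    pos += 8 + len
  end
  [records, buf.byteslice(pos, buf.bytesize - pos)]
end

# Reassembles per-channel data from chunks arriving on one connection.
class Demux
  attr_reader :channels
  def initialize
    @pending = ''.b
    @channels = Hash.new { |h, k| h[k] = ''.b }
  end
  def feed(chunk)
    packets, @pending = parse_tlvs(@pending + chunk.b)
    packets.each do |type, body|
      next unless type == TYPE_PACKET
      fields, rest = parse_tlvs(body)
      raise ArgumentError, 'trailing bytes in packet' unless rest.empty?
      h = fields.to_h
      next unless h[TYPE_CHANNEL_ID]&.bytesize == 4 && h[TYPE_DATA]
      @channels[h[TYPE_CHANNEL_ID].unpack1('N')] << h[TYPE_DATA]
    end
  end
end

def packet(channel, data)
  tlv(TYPE_PACKET, tlv(TYPE_CHANNEL_ID, [channel].pack('N')) + tlv(TYPE_DATA, data))
end
# Constructed sample: two channels interleaved on one byte stream.
SAMPLE = packet(1, 'dir ') + packet(2, 'ps') + packet(1, 'C:\\')
```

Feeding `SAMPLE` to `Demux#feed` in arbitrary-sized chunks yields one reassembled buffer per channel number, which is how several logical conversations share a single connection.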