metasploitHelper
Keith Lee & Michael Gianarakis
Blackhat Asia Arsenal 2015
#whoami
@keith55
Security Consultant at SpiderLabs
@mgianarakis
Managing Consultant at SpiderLabs
Application Security
What Is This Presentation About?
• Problems metasploitHelper tries to resolve
• How metasploitHelper works
• Problems faced during development
• Some gotchas
Problems metasploitHelper tries to resolve
• New Metasploit modules are released every now and then. It is difficult to keep up with every Metasploit module that has been released.
• We do not want to miss any easy-to-spot vulnerabilities during a penetration test.
• Manual penetration testing is still recommended; this tool is meant to assist penetration testers during tests.
Metasploit Modules
• Modules can be categorized into auxiliary and exploit modules.
• Modules can also be categorized into HTTP URI and port-based exploits.
How metasploitHelper works
• Crawls the Metasploit modules folder and extracts the port numbers / targeturi and title of each module.
  • Port numbers: writes the results to port2Msf.csv.
  • targeturi: writes the results to default-path.csv.
• Parses the nmap XML file and extracts the port numbers and HTTP(S) services.
  • Port numbers: performs a lookup based on the port number and finds the matching Metasploit module.
  • targeturi: bruteforces the targeturi values listed in default-path.csv against all the HTTP(S) services.
• Writes the results to Metasploit resource scripts and generates the report file "report.txt".
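The nmap parsing and port lookup steps above, as an added example that is not taken from metasploitHelper's own code. The nmap XML, the `port,module` column layout of the lookup table and the placeholder module names are all constructed assumptions.

```python
import csv
import io
import xml.etree.ElementTree as ET

# Constructed nmap -oX output, trimmed to the elements read below.
NMAP_XML = """<nmaprun>
 <host>
  <address addr="192.0.2.10" addrtype="ipv4"/>
  <ports>
   <port protocol="tcp" portid="21"><state state="open"/><service name="ftp"/></port>
   <port protocol="tcp" portid="80"><state state="open"/><service name="http"/></port>
   <port protocol="tcp" portid="443"><state state="open"/><service name="http" tunnel="ssl"/></port>
   <port protocol="tcp" portid="8080"><state state="closed"/><service name="http-proxy"/></port>
  </ports>
 </host>
</nmaprun>"""

# Constructed lookup table. The real port2Msf.csv layout is not shown on the
# slides; "port,module" is an assumption and the module names are placeholders.
PORT2MSF_CSV = """port,module
21,auxiliary/example/placeholder_ftp_check
443,auxiliary/example/placeholder_tls_check
3306,auxiliary/example/placeholder_db_check
"""

def open_services(xml_text):
    """Return one dict per open port; 'url' is set only for HTTP(S) services."""
    services = []
    for host in ET.fromstring(xml_text).iter("host"):
        addr = host.find("address").get("addr")
        for port in host.iter("port"):
            state = port.find("state")
            if state is None or state.get("state") != "open":
                continue  # closed and filtered ports are not candidates
            svc = port.find("service")
            name = svc.get("name", "") if svc is not None else ""
            number = int(port.get("portid"))
            url = None
            if name.startswith("http"):
                # nmap reports HTTPS as name="https" or as http with tunnel="ssl"
                tls = name == "https" or svc.get("tunnel") == "ssl"
                url = f"{'https' if tls else 'http'}://{addr}:{number}"
            services.append({"host": addr, "port": number, "url": url})
    return services

def load_port_table(csv_text):
    """Map port number -> list of module names from the lookup CSV."""
    table = {}
    for row in csv.DictReader(io.StringIO(csv_text)):
        table.setdefault(int(row["port"]), []).append(row["module"])
    return table

def triage(xml_text, csv_text):
    """Split scan results into port-based matches and HTTP(S) base URLs."""
    table = load_port_table(csv_text)
    services = open_services(xml_text)
    port_hits = [(s["host"], s["port"], m)
                 for s in services for m in table.get(s["port"], [])]
    http_urls = [s["url"] for s in services if s["url"]]
    return port_hits, http_urls

if __name__ == "__main__":
    hits, urls = triage(NMAP_XML, PORT2MSF_CSV)
    for host, port, module in hits:
        print(f"{host}:{port} -> {module}")
    print("HTTP(S) services:", urls)
```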
Problems faced
• Some websites block scripts that use an invalid user agent.
  The script circumvents this by faking the user-agent.
• The target web server returns a status code of 200 for all URIs.
  The script tests the web server with fictitious URIs. The script does not continue with the bruteforce unless the -detect parameter is specified.
  The script matches the keywords in the page title against those in the title of the Metasploit module.
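The "200 for all URIs" check and the title keyword match, as an added example that is not metasploitHelper's own code. It assumes the title match is what the -detect parameter enables. The `fetch` callable, the two in-memory servers, the ExampleCMS page and the module title are constructed so that the block runs offline.

```python
import re
import uuid
from urllib.parse import urlsplit

def keywords(text):
    """Lower-case alphanumeric words of three or more characters."""
    return {w for w in re.findall(r"[a-z0-9]+", text.lower()) if len(w) >= 3}

def page_title(html):
    """Text of the first <title> element, or an empty string."""
    m = re.search(r"<title[^>]*>(.*?)</title>", html, re.I | re.S)
    return m.group(1).strip() if m else ""

def is_catch_all(fetch, base_url, probes=3):
    """True when random, certainly nonexistent paths all come back as 200."""
    return all(fetch(f"{base_url}/{uuid.uuid4().hex}")[0] == 200
               for _ in range(probes))

def confirm_hit(fetch, base_url, path, module_title, detect=False, min_shared=2):
    """True/False for a confirmed/rejected path, None when it cannot be decided."""
    status, body = fetch(base_url + path)
    if status != 200:
        return False
    if not is_catch_all(fetch, base_url):
        return True        # the server returns real errors, so 200 is meaningful
    if not detect:
        return None        # catch-all server and no detect mode: do not report
    # Detect mode: require the page title to share keywords with the module title.
    shared = keywords(page_title(body)) & keywords(module_title)
    return len(shared) >= min_shared

def make_server(pages, default):
    """Constructed stand-in for an HTTP client: maps URL path -> (status, body)."""
    def fetch(url):
        return pages.get(urlsplit(url).path, default)
    return fetch

# Constructed sample data (not a real product, host or Metasploit module).
REAL_PAGE = (200, "<html><title>ExampleCMS Admin Console Login</title></html>")
HONEST = make_server({"/examplecms/admin/": REAL_PAGE}, (404, "Not Found"))
CATCH_ALL = make_server({"/examplecms/admin/": REAL_PAGE},
                        (200, "<html><title>Welcome to our site</title></html>"))
MODULE_TITLE = "ExampleCMS Admin Console Check"
BASE = "http://target.example"

if __name__ == "__main__":
    for name, server in (("honest", HONEST), ("catch-all", CATCH_ALL)):
        for path in ("/examplecms/admin/", "/other/"):
            for detect in (False, True):
                verdict = confirm_hit(server, BASE, path, MODULE_TITLE, detect)
                print(f"{name:9} {path:20} detect={detect!s:5} -> {verdict}")
```

On the catch-all server every path returns 200, so only the title comparison separates the real page from the generic one.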
Some Gotchas
• Some Metasploit modules do not specify the correct TARGETURI.
• Instead, they specify the root / as the TARGETURI.
Demo
metasploitHelper Help Menu
Running metasploitHelper
Generated 'data' files by crawling Metasploit modules folder
Generated report.txt contains a list of matching modules (HTTP/port-based exploits)
Running the Generated Metasploit Resource Scripts against Target (Metasploitable VM)
Conclusion
• The script can be downloaded from https://github.com/milo2012/metasploitHelper/.
