• Share
  • Email
  • Embed
  • Like
  • Save
  • Private Content
Metapwn
 
  • 1,467 views

Metapwn by Prajwal Panchmahalkar @ null Hyderabad Meet, December, 2010

Metapwn by Prajwal Panchmahalkar @ null Hyderabad Meet, December, 2010

Statistics

Views

Total Views
1,467
Views on SlideShare
1,362
Embed Views
105

Actions

Likes
3
Downloads
49
Comments
1

1 Embed 105

http://null.co.in 105

Accessibility

Categories

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel

11 of 1 previous next

  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

    Metapwn Metapwn Presentation Transcript

    • Now Pwn at a pufff….
    •  
    •  
      • Metasploit Framework
      • metaPwn
      • FastTrack
      • Armitage – The new and easy convention.
      • SET
      • Metasploit - The single most powerful tool available today for the Penetration testers.
      • Used for Developing and executing exploit code against any target machine.
      • An open source ruby framework, moved from perl.
      • Lib : the ‘meat’ of the framework code base.
      • Data : editable files used by Metasploit
      • Tools : useful commandline utilities
      • Modules : the Framework modules.
      • Payloads
      • Scripts
      • External
    •  
    •  
    •  
    •  
      • The most popular and best way to use Metasploit Framework.
      • Efficient and wide access to all the options.
      • Execution of external commands is possible 
      • It is very importand that you analyze your target
      • The scan results (generally by nmap) are very useful.
      • Know the services running on the Target machine from the scan results.
      • Determine the vulnerabilities.
      • Search
      • Tab Completion.
      • Check
      • load
      • Connect
      • Irb
      • route
      • run/exploit and more …. Follow the demos >>
    •  
    •  
      • Know the target
      • Scan for the suspected vulnerabilities
      • Find the pertaining payloads.
      • Launch payloads to exploit (Attack)
      • Post Exploitation.
      • Scan and Create a database
      • Import them to metasploit
      • And “ autopwn. “  
    •  
    •  
      • Fast-Track is one more automated penetration suite.
      • Fast-Track has 3 modes of operation
        • Interactive mode
        • GUI mode 
        • Console mode (obsolete)
      • Fast-Track comes with a good interface and support
      • Tutorials available
      • Automates the exploitation
      • Dependent on Metasploit , so have it updated .
    •  
      • Social Engineering Tool kit
      • Comes with 10 major functions.
        • Spear-phishing Attack Vectors
        • Website attack vectors
        • Infection media generator
        • Create a payload and listener
        • Mass mailer attack
        • Teensy USB HID attack vector
        • SMS spoofing attack vector
      • All the above listed attacks make the major attacks on the contemporary sytems.
      • Lets have a detailed glimpse at all these services from SET….
      • A very well Mapped GUI for penetration testing
      • Provides a very good GUI and a map of the target machines
      • Armitage also uses Metasploit framework to test on the target
      • “ Little is to be said and rest is the action” 
    •  
    • Source : http://icis2005.unlv.edu/
    • Source :http://telegraph.co.uk
    • Source :http://telegraph.co.uk
    •  
    •