Your SlideShare is downloading. ×
[null]Metapwn - Pwn at a puff by Prajwal Panchmahalkar
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×

Introducing the official SlideShare app

Stunning, full-screen experience for iPhone and Android

Text the download link to your phone

Standard text messaging rates apply

[null]Metapwn - Pwn at a puff by Prajwal Panchmahalkar

941
views

Published on

download metapwn at http://metapwn.sourceforge.net/

download metapwn at http://metapwn.sourceforge.net/

Published in: Education, Technology

0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
941
On Slideshare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
33
Comments
0
Likes
1
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. Now Pwn at a pufff….
  • 2.  
  • 3.  
  • 4.
    • Metasploit Framework
    • metaPwn
    • FastTrack
    • Armitage – The new and easy convention.
    • SET
  • 5.
    • Metasploit - The single most powerful tool available today for the Penetration testers.
    • Used for Developing and executing exploit code against any target machine.
    • An open source ruby framework, moved from perl.
  • 6.
    • Lib : the ‘meat’ of the framework code base.
    • Data : editable files used by Metasploit
    • Tools : useful commandline utilities
    • Modules : the Framework modules.
    • Payloads
    • Scripts
    • External
  • 7.  
  • 8.  
  • 9.  
  • 10.  
  • 11.
    • The most popular and best way to use Metasploit Framework.
    • Efficient and wide access to all the options.
    • Execution of external commands is possible 
  • 12.
    • It is very importand that you analyze your target
    • The scan results (generally by nmap) are very useful.
    • Know the services running on the Target machine from the scan results.
    • Determine the vulnerabilities.
  • 13.
    • Search
    • Tab Completion.
    • Check
    • load
    • Connect
    • Irb
    • route
    • run/exploit and more …. Follow the demos >>
  • 14.  
  • 15.  
  • 16.
    • Know the target
    • Scan for the suspected vulnerabilities
    • Find the pertaining payloads.
    • Launch payloads to exploit (Attack)
    • Post Exploitation.
  • 17.
    • Scan and Create a database
    • Import them to metasploit
    • And “ autopwn. “  
  • 18.  
  • 19.  
  • 20.
    • Fast-Track is one more automated penetration suite.
    • Fast-Track has 3 modes of operation
      • Interactive mode
      • GUI mode 
      • Console mode (obsolete)
  • 21.
    • Fast-Track comes with a good interface and support
    • Tutorials available
    • Automates the exploitation
    • Dependent on Metasploit , so have it updated .
  • 22.  
  • 23.
    • Social Engineering Tool kit
    • Comes with 10 major functions.
      • Spear-phishing Attack Vectors
      • Website attack vectors
      • Infection media generator
      • Create a payload and listener
      • Mass mailer attack
      • Teensy USB HID attack vector
      • SMS spoofing attack vector
  • 24.
    • All the above listed attacks make the major attacks on the contemporary sytems.
    • Lets have a detailed glimpse at all these services from SET….
  • 25.
    • A very well Mapped GUI for penetration testing
    • Provides a very good GUI and a map of the target machines
    • Armitage also uses Metasploit framework to test on the target
    • “ Little is to be said and rest is the action” 
  • 26.  
  • 27. Source : http://icis2005.unlv.edu/
  • 28. Source :http://telegraph.co.uk
  • 29. Source :http://telegraph.co.uk
  • 30.  
  • 31.