Multi-Player Metasploit: Tag Team Pen Testing and Reporting

  • 1,151 views
Uploaded on

This presentation discusses how database components of Metasploit can be used through XMLRPC to facilitate pen testing data sharing and collection in order to ensure real time actionable information …

This presentation discusses how database components of Metasploit can be used through XMLRPC to facilitate pen testing data sharing and collection in order to ensure real time actionable information is available to all testers at all times.

More in: Technology
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
    Be the first to like this
No Downloads

Views

Total Views
1,151
On Slideshare
0
From Embeds
0
Number of Embeds
0

Actions

Shares
Downloads
31
Comments
0
Likes
0

Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide



















Transcript

  • 1. Multiplayer Metasploit Tag-Team Pen Testing and Reporting Ryan Linn Defcon 18
  • 2. Outline • Description of Problem • Discussion of current solutions • Overview of XMLRPC database integration • Discussion of types of objects • Demos
  • 3. What’s the problem? • Pen testing/security audit teams need to share information • How do you plan further action? • What about deltas from previous tests? • No easy way to automate reporting
  • 4. Analysis of current solutions • Dradis - best alternative, imports data great, but hard to further actions, no integration with other tools • Leo - geared toward one person and logging/reporting only • Wiki - multi-user but arbitrary organization, hard to convert to further action or reporting
  • 5. overview of solution • Metasploit is readily available • Extend XMLRPC to facilitate DB transactions • XMLRPC extension allows central logging • All information is actionable • Data can be added real time
  • 6. Types of Objects • workspaces - separate spaces for data • hosts • services • vulns • notes - general purpose data storage • events - log of commands executed • loots - phat loots lives here • clients - web clients • users - users + credentials
  • 7. Workspaces • Values: • name • created_at • updated_at • boundary • description
  • 8. Hosts • created_at • os_name • updated_at • os_flavor • address • os_sp • address6 • os_lang • mac • arch • comm • purpose • name • info • state • comments
  • 9. Services • host • port • proto • state • name • info
  • 10. Vulns • host • service • name • info
  • 11. Notes • ntype • service • host • critical • seen • data
  • 12. Events • host • name • seen • critical • username • info
  • 13. loots • host • service • ltype • path • data • content_type • name • info
  • 14. Clients • host • ua_string • ua_name • ua_ver
  • 15. Users • username • crypted_password • password_salt • persistance_token • fullname • email • phone • company • prefs
  • 16. Demos • Service Startup • Launching Nmap with Nsploit • Storing BeEF data in Metasploit • External report generation • Diffing workspaces
  • 17. Thanks • Defcon staff and attendees for a great conference • Heather Pilkington, Scott Hilbert, Jonathan Cran, HD Moore, Egypt, anyone else I’ve forgotten • Fyodor, Wade Alcorn for Nmap and BeEF
  • 18. Contact Information • IRC: sussurro • Twitter: @sussurro • Blog: blog.happypacket.net
  • 19. Questions?