metasploitHelper
Keith Lee & Michael Gianarakis
Blackhat Asia Arsenal 2015
#whoami
@keith55
Security Consultant at SpiderLabs
@mgianarakis
Managing Consultant at SpiderLabs
Application Security
metasploitHelper
There are a lot of modules in Metasploit. It is difficult to keep up to date with the list of modules that are in Metasploit.
Metasploit contains port-based modules as well as URI-based modules (web servers).

This tool bridges an Nmap XML file with Metasploit and generates a resource script containing matching Metasploit modules that you can run against the target servers.

Published in: Technology
1 Comment
  • Can this run on windows?
metasploitHelper - Spiderlabs

  1. metasploitHelper
     Keith Lee & Michael Gianarakis
     Blackhat Asia Arsenal 2015
  2. #whoami
     • @keith55: Security Consultant at SpiderLabs
     • @mgianarakis: Managing Consultant at SpiderLabs, Application Security
  3. What Is This Presentation About?
     • Problems metasploitHelper tries to resolve
     • How metasploitHelper works
     • Problems faced during development
     • Some gotchas
  4. Problems metasploitHelper tries to resolve
  5. Problems metasploitHelper tries to resolve
     • There are new Metasploit modules released every now and then. It is difficult to keep up with every Metasploit module that has been released.
     • We do not want to miss any easy-to-spot vulnerabilities during a penetration test.
     • Manual penetration testing is still recommended; this tool is meant to assist penetration testers during tests.
  6. Metasploit Modules
     • Modules can be categorized into auxiliary and exploit modules.
     • Modules can also be categorized into HTTP URI and port-based exploits.
  7. How metasploitHelper works
  8. How metasploitHelper works
     • Crawls the Metasploit modules folder and extracts the port numbers / TARGETURI and title of each module.
       - Port numbers: writes the results to port2Msf.csv.
       - TARGETURI: writes the results to default-path.csv.
     • Parses the Nmap XML file and extracts the port numbers and HTTP(S) services.
       - Port numbers: performs a lookup based on the port number and finds the matching Metasploit module.
       - TARGETURI: bruteforces the TARGETURI against all the HTTP(S) services listed in default-path.csv.
     • Writes the results to Metasploit resource scripts and generates the report file "report.txt".
  9. Problems faced
  10. Problems faced
     • There are websites that block scripts using an invalid user agent. The script circumvents this by faking the user-agent.
     • The target web server returns a status code of 200 for all URIs. The script attempts to test the web server for fictitious URIs. The script does not continue with the bruteforce unless the -detect parameter is specified. The script performs a match for the keywords in the page title against that of the title of the Metasploit module.
  11. Some Gotchas
  12. Some Gotchas
     • Some Metasploit modules do not specify the correct TARGETURI.
     • Instead, they have specified the root / as the TARGETURI.
  13. Demo
  14. metasploitHelper Help Menu
  15. Running metasploitHelper
  16. Generated 'data' files by crawling the Metasploit modules folder
  17. Generated report.txt contains the list of matching modules (HTTP/port-based exploits)
  18. Running the Generated Metasploit Resource Scripts against Target (Metasploitable VM)
  19. Conclusion
     • The script can be downloaded from https://github.com/milo2012/metasploitHelper/.
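
The false-positive problem on slide 10 (a server that answers 200 for every URI) can be shown offline. The sketch below is an added example, not metasploitHelper's own code: it probes fictitious paths to spot a catch-all server and then falls back to comparing page-title keywords with the module title. The function names, the stopword list, the `ExampleCMS` titles and the in-memory `fetch` stand-in are all assumptions made for illustration.

```python
import re
import secrets

# Generic words that would match almost any module title (constructed list).
STOPWORDS = {"admin", "login", "panel", "file", "upload", "remote", "code"}

def page_title(html):
    """Return the text of the first <title> element, or '' if none."""
    m = re.search(r"<title[^>]*>(.*?)</title>", html, re.I | re.S)
    return m.group(1).strip() if m else ""

def keywords(text):
    """Lower-cased alphanumeric tokens, minus short and generic words."""
    return {w for w in re.findall(r"[a-z0-9]+", text.lower())
            if len(w) >= 4 and w not in STOPWORDS}

def is_catch_all(fetch, probes=3):
    """True if random, fictitious paths all come back with status 200."""
    return all(fetch("/" + secrets.token_hex(8))[0] == 200
               for _ in range(probes))

def confirm_hit(fetch, uri, module_title):
    """Decide whether a 200 on `uri` is evidence the application is there."""
    status, body = fetch(uri)
    if status != 200:
        return False
    if not is_catch_all(fetch):
        return True  # status codes are trustworthy on this server
    # Catch-all server: fall back to comparing title keywords.
    return bool(keywords(page_title(body)) & keywords(module_title))

def make_server(pages, catch_all_body=None):
    """Constructed stand-in for an HTTP client: returns (status, body)."""
    def fetch(uri):
        if uri in pages:
            return 200, pages[uri]
        if catch_all_body is not None:
            return 200, catch_all_body
        return 404, "<title>Not Found</title>"
    return fetch

# Constructed sample data; ExampleCMS is not a real product or module.
MODULE_TITLE = "ExampleCMS Admin Panel File Upload"
PAGES = {"/cms/": "<html><title>ExampleCMS Login</title></html>"}
honest = make_server(PAGES)
wildcard = make_server(PAGES, catch_all_body="<title>Welcome</title>")

if __name__ == "__main__":
    for name, srv in (("honest", honest), ("wildcard", wildcard)):
        print(name, is_catch_all(srv), confirm_hit(srv, "/cms/", MODULE_TITLE),
              confirm_hit(srv, "/admin/", MODULE_TITLE))
```

On the wildcard server every path returns 200, so only the page whose title shares a distinctive keyword with the module title is reported; a status-code check alone would flag every path.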
