Tom Eston, profile picture
Uploaded byTom Eston
5,882 views

Automated Penetration Testing With The Metasploit Framework

The document discusses automated penetration testing using the Metasploit framework, highlighting its features, functionality, and limitations. It provides an overview of what constitutes a good penetration testing framework, outlines different available frameworks, and elaborates on how Metasploit enables users to execute exploits against target systems. Additionally, it addresses the need for database configuration, mentions potential challenges with autopwn, and includes links for more resources and a live demonstration setup.

Embed presentation

Automated Penetration Testing with the Metasploit Framework Tom Eston NEO Information Security Forum March 19, 2008
Topics What makes a good penetration testing framework? Frameworks available What is the Metasploit Framework? How does it work? Features Metasploit autopwn Limitations Live demonstration Basic Metasploit exploit Exploit multiple hosts with autopwn
What makes a good penetration testing framework? Platform independent Install on Windows, Mac, Linux Good exploit collection w/regular updates A intuitive, robust GUI Ability to add new exploits Open source or ability to customize Good reporting tools
What frameworks are available? Metasploit Framework Inguma SecurityForest Attack Tool Kit SAINT ($) Immunity Canvas ($) CORE IMPACT ($) Some are application or web specific… Orasploit (Oracle) PIRANA (email content filtering framework) BeEF (Browser Exploitation Framework) W3af (Web Application Exploit Framework)
What is the Metasploit Framework? Tool for developing and executing exploit code against a remote target machine Runs on Linux, Mac OS X, BSD, Windows Version 3.x written in Ruby. 2.x Perl Remote/Local exploits browser exploits with self contained web server Ability to create exploits Written by HD Moore Version 3.1 HD Moore, spoonm, skape
How does it work? Allows a user to configure exploit modules and launch them against target systems Choose and configure a payload Payload : code that is executed on the target system if the exploit is successful (bind/reverse shell, VNC server, etc...) Basic Example If the exploit is successful...a payload is executed and the user is able to interact with a command shell Automated Example Collect host information and exploit multiple hosts (autopwn) Nmap Scan, Nessus import
Features Choose from 269 exploits. 118 payloads. (latest updated version 3.1) Web, command line, GUI interfaces, multiple sessions Auxiliary modules Lorcon (802.11 packet injection), fuzzing, various scanners, DoS tools Injection into running processes (meterpreter payload) Executed into memory, never touches the disk Create packaged executable payloads (runme.exe) Pivoting Use compromised host to attack hosts on internal network IDS/IPS evasion options
Metasploit autopwn Automated exploit module Requires a database MySQL, Sqlite, Postgres Some pre-configuration required RubyGems, active record (part of ruby on rails) Database configuration Ability to import vulnerability data Nessus NBE files, Nmap XML output Run Nmap from the module and puts results in the database Launches exploits based on ports, services or vulnerabilities from imported data
Limitations of Metasploit Majority of exploits are for Windows Detailed logging not default, need to setup Local exploits only start the web server locally Need to send email on your own autopwn may be difficult to configure correctly No automated reporting in autopwn Database can be queried for vulnerability data Basic “bind shell” only option for payload in autopwn Large amounts of import data slows exploits Module needs tuning...hopefully fixed in future versions
More Information Metasploit Web Site http://metasploit.com Metasploit Toolkit Book autopwn Overview http: //blog . metasploit .com/2006/09/metasploit-30-automated-exploitation.html Want to test autopwn in a lab? Backtrack 2 has it working and installed (ninja script) Backtrack 3 requires fast-track.py run first...
Questions [email_address] Presentation posted at: http://spylogic.net
Live Demonstration Lab Setup VMware Workstation 3 Windows Systems 1 Windows 2000 Srv, 2 Windows XP Pro Basic Metasploit exploit Show basic commands Exploit multiple hosts with autopwn Using Nessus vulnerability data

More Related Content

PPTX
Understanding NMAP
byPhannarith Ou, G-CISO
 
PPTX
Introduction To Exploitation & Metasploit
byRaghav Bisht
 
ODP
Malware Dectection Using Machine learning
byShubham Dubey
 
PDF
MITRE ATT&CK Framework
byn|u - The Open Security Community
 
PPTX
IBM QRadar UBA
byIBM Security
 
PDF
Types of Cryptosystem and Cryptographic Attack
byMona Rajput
 
PPT
Introduction To OWASP
byMarco Morana
 
PPTX
Kismet
byNilesh Pawar
 
Understanding NMAP
byPhannarith Ou, G-CISO
 
Introduction To Exploitation & Metasploit
byRaghav Bisht
 
Malware Dectection Using Machine learning
byShubham Dubey
 
MITRE ATT&CK Framework
byn|u - The Open Security Community
 
IBM QRadar UBA
byIBM Security
 
Types of Cryptosystem and Cryptographic Attack
byMona Rajput
 
Introduction To OWASP
byMarco Morana
 
Kismet
byNilesh Pawar
 

What's hot

PPTX
Cyber Threat Intelligence.pptx
byAbimbolaFisher1
 
PPTX
PHISHING DETECTION
byumme ayesha
 
PPTX
Metasploit framwork
byDeepanshu Gajbhiye
 
PPTX
Metasploit
byhenelpj
 
PPTX
Mod security
byShruthi Kamath
 
PPT
Penetration Testing Basics
byRick Wanner
 
PPTX
kali linux Presentaion
byDev Gandhi
 
PDF
Extended Detection and Response (XDR) An Overhyped Product Category With Ulti...
byRaffael Marty
 
PPTX
Types of Malware (CEH v11)
byEC-Council
 
PPTX
SOAR and SIEM.pptx
byAjit Wadhawan
 
PDF
Metaploit
byAjinkya Pathak
 
PPTX
Endpoint Protection
bySophos
 
PPTX
Network security - Defense in Depth
byDilum Bandara
 
PPTX
Sqlmap
byshamshad9
 
PPT
XSS - Attacks & Defense
byBlueinfy Solutions
 
PDF
Penetration testing web application web application (in) security
byNahidul Kibria
 
PPT
SSL/TLS
byDr Anjan Krishnamurthy
 
PPT
Wireless security presentation
byMuhammad Zia
 
PPT
Honeypots
byJayant Gandhi
 
PPTX
WEP/WPA attacks
byHuda Seyam
 
Cyber Threat Intelligence.pptx
byAbimbolaFisher1
 
PHISHING DETECTION
byumme ayesha
 
Metasploit framwork
byDeepanshu Gajbhiye
 
Metasploit
byhenelpj
 
Mod security
byShruthi Kamath
 
Penetration Testing Basics
byRick Wanner
 
kali linux Presentaion
byDev Gandhi
 
Extended Detection and Response (XDR) An Overhyped Product Category With Ulti...
byRaffael Marty
 
Types of Malware (CEH v11)
byEC-Council
 
SOAR and SIEM.pptx
byAjit Wadhawan
 
Metaploit
byAjinkya Pathak
 
Endpoint Protection
bySophos
 
Network security - Defense in Depth
byDilum Bandara
 
Sqlmap
byshamshad9
 
XSS - Attacks & Defense
byBlueinfy Solutions
 
Penetration testing web application web application (in) security
byNahidul Kibria
 
SSL/TLS
byDr Anjan Krishnamurthy
 
Wireless security presentation
byMuhammad Zia
 
Honeypots
byJayant Gandhi
 
WEP/WPA attacks
byHuda Seyam
 

Viewers also liked

PPT
Automated Penetration Testing With Core Impact
byTom Eston
 
PDF
Metasploit for Penetration Testing: Beginner Class
byGeorgia Weidman
 
PDF
Pentest with Metasploit
byM.Syarifudin, ST, OSCP, OSWP
 
PDF
Pen-Testing with Metasploit
byMohammed Danish Amber
 
PPTX
Finalppt metasploit
bydevilback
 
PDF
Metasploit
byninguna
 
PPTX
Basic Metasploit
byMuhammad Ridwan
 
PPTX
Metasploit
byRaghunath G
 
PDF
Alphorm.com Support de la formation Hacking et Sécurité Metasploit
byAlphorm
 
PPTX
Penetration Testing vs. Vulnerability Scanning
bySecurityMetrics
 
Automated Penetration Testing With Core Impact
byTom Eston
 
Metasploit for Penetration Testing: Beginner Class
byGeorgia Weidman
 
Pentest with Metasploit
byM.Syarifudin, ST, OSCP, OSWP
 
Pen-Testing with Metasploit
byMohammed Danish Amber
 
Finalppt metasploit
bydevilback
 
Metasploit
byninguna
 
Basic Metasploit
byMuhammad Ridwan
 
Metasploit
byRaghunath G
 
Alphorm.com Support de la formation Hacking et Sécurité Metasploit
byAlphorm
 
Penetration Testing vs. Vulnerability Scanning
bySecurityMetrics
 

Similar to Automated Penetration Testing With The Metasploit Framework

PPTX
Introduction to Metasploit
byGTU
 
PPTX
Metasploit
byInstitute of Information Security (IIS)
 
PPTX
Metasploit
byLalith Sai
 
PDF
01 Metasploit kung fu introduction
byMostafa Abdel-sallam
 
PPTX
Metasploit (Module-1) - Getting Started With Metasploit
byAnurag Srivastava
 
PDF
The Metasploit Framework Companion Guide
byfynboytinny
 
PDF
Metasploit Computer security testing tool
bymedoelkang600
 
PPTX
Pentesting with linux
byHammad Ahmed Khawaja
 
PDF
Metasploit: Pwnage and Ponies
byTrowalts
 
PPTX
Metasploit Framework and Payloads supported
bySwapnil Gharat
 
PDF
Open Source Cyber Weaponry
byJoshua L. Davis
 
PPTX
Introduction to metasploit
byGTU
 
KEY
Metasploit @ 2010 Utah Open Source Conference
byJason Wood
 
DOCX
Backtrack Manual Part7
byNutan Kumar Panda
 
PDF
24 33 -_metasploit
bywozgeass
 
DOCX
Backtrack Manual Part6
byNutan Kumar Panda
 
PDF
Metasploitation part-1 (murtuja)
byClubHack
 
PDF
Metasploit Humla for Beginner
byn|u - The Open Security Community
 
PDF
iCrOSS 2013_Pentest
byM.Syarifudin, ST, OSCP, OSWP
 
PDF
Black hat dc-2010-egypt-uav-slides
byBakry3
 
Introduction to Metasploit
byGTU
 
Metasploit
byInstitute of Information Security (IIS)
 
Metasploit
byLalith Sai
 
01 Metasploit kung fu introduction
byMostafa Abdel-sallam
 
Metasploit (Module-1) - Getting Started With Metasploit
byAnurag Srivastava
 
The Metasploit Framework Companion Guide
byfynboytinny
 
Metasploit Computer security testing tool
bymedoelkang600
 
Pentesting with linux
byHammad Ahmed Khawaja
 
Metasploit: Pwnage and Ponies
byTrowalts
 
Metasploit Framework and Payloads supported
bySwapnil Gharat
 
Open Source Cyber Weaponry
byJoshua L. Davis
 
Introduction to metasploit
byGTU
 
Metasploit @ 2010 Utah Open Source Conference
byJason Wood
 
Backtrack Manual Part7
byNutan Kumar Panda
 
24 33 -_metasploit
bywozgeass
 
Backtrack Manual Part6
byNutan Kumar Panda
 
Metasploitation part-1 (murtuja)
byClubHack
 
Metasploit Humla for Beginner
byn|u - The Open Security Community
 
iCrOSS 2013_Pentest
byM.Syarifudin, ST, OSCP, OSWP
 
Black hat dc-2010-egypt-uav-slides
byBakry3
 

More from Tom Eston

PPT
Physical Security Assessments
byTom Eston
 
KEY
Enterprise Open Source Intelligence Gathering
byTom Eston
 
PDF
The Android vs. Apple iOS Security Showdown
byTom Eston
 
PDF
Don't Drop the SOAP: Real World Web Service Testing for Web Hackers
byTom Eston
 
PPT
Information Gathering With Maltego
byTom Eston
 
PDF
Smart Bombs: Mobile Vulnerability and Exploitation
byTom Eston
 
PDF
Attacking and Defending Apple iOS Devices
byTom Eston
 
KEY
Rise of the Autobots: Into the Underground of Social Network Bots
byTom Eston
 
KEY
Staying Safe & Secure on Twitter
byTom Eston
 
KEY
New School Man-in-the-Middle
byTom Eston
 
PDF
Cash is King: Who's Wearing Your Crown?
byTom Eston
 
PDF
Five Lessons Learned From Breaking Into A Casino: Confessions of a Penetratio...
byTom Eston
 
PDF
Social Zombies II: Your Friends Need More Brains
byTom Eston
 
PDF
Social Zombies Gone Wild: Totally Exposed and Uncensored
byTom Eston
 
PDF
Privacy Exposed: Ramifications of Social Media and Mobile Technology
byTom Eston
 
PDF
Social Zombies: Rise of the Mobile Dead
byTom Eston
 
PDF
Online Social Networks: 5 threats and 5 ways to use them safely
byTom Eston
 
Physical Security Assessments
byTom Eston
 
Enterprise Open Source Intelligence Gathering
byTom Eston
 
The Android vs. Apple iOS Security Showdown
byTom Eston
 
Don't Drop the SOAP: Real World Web Service Testing for Web Hackers
byTom Eston
 
Information Gathering With Maltego
byTom Eston
 
Smart Bombs: Mobile Vulnerability and Exploitation
byTom Eston
 
Attacking and Defending Apple iOS Devices
byTom Eston
 
Rise of the Autobots: Into the Underground of Social Network Bots
byTom Eston
 
Staying Safe & Secure on Twitter
byTom Eston
 
New School Man-in-the-Middle
byTom Eston
 
Cash is King: Who's Wearing Your Crown?
byTom Eston
 
Five Lessons Learned From Breaking Into A Casino: Confessions of a Penetratio...
byTom Eston
 
Social Zombies II: Your Friends Need More Brains
byTom Eston
 
Social Zombies Gone Wild: Totally Exposed and Uncensored
byTom Eston
 
Privacy Exposed: Ramifications of Social Media and Mobile Technology
byTom Eston
 
Social Zombies: Rise of the Mobile Dead
byTom Eston
 
Online Social Networks: 5 threats and 5 ways to use them safely
byTom Eston
 

Recently uploaded

PPTX
UNIT 1- Introduction to Basic of Computer Fundamentals
bypawarbhaktiit
 
PDF
Chapter 2 Computer Threat .pdf
byGetnet Tigabie Askale -(GM)
 
PPTX
Design Flaws and Known Attacks in Agentic AI - ITI Business Session
byInformation Technology Institute
 
PDF
One String, Many Prompts: AI Code Generation
byGeoffrey Goetz
 
PDF
Unlocking Gen AI Capabilities Within UiPath Document Understanding
byDianaGray10
 
PPTX
Webinar: EVerest for Production: Accelerating EV Charger Development w/ Indus...
byDanBrown980551
 
PPTX
On-Device AI with Gemma 3n and PaliGemma 2 Session Slides - GDG VESIT
bygdgcodecellcmpn
 
PDF
6 Insights from the Patron Saint of AI Failure
byScott M. Graffius
 
PDF
Are AI Hallucinations Getting Better or Worse? We Analyzed the Data.
byScott M. Graffius
 
PDF
2025-CB-NCAE-slide-deck.pptx-1-83.pdf Virtual Orientation on the Administrati...
byNelizabethEsplaguera1
 
PPTX
congo red stain nd PAS STAIN histopathology
bybushrariaz1240
 
PDF
Zniber Partners. Audience Foresight for Confident Decisions
bySamuel Zniber
 
PDF
AI Data Analyst: Smarter Insights for Modern Real Estate Decisions
byLeni Analyst
 
PDF
Purple Team - Active Directory and AzureAD v1
byVICTOR MAESTRE RAMIREZ
 
PDF
Top 10 Dedicated Server Providers in Stockholm (Updated Edition).pdf
byAtal Networks
 
PDF
Effective Ai powered mock interview .pdf
byamazingnishusingh766
 
PPTX
Flutter & Firebase Session Slides - GDG VESIT
bygdgcodecellcmpn
 
PDF
Philippine Agricultural Engineering Standard_Hand Tractor .pdf
by6xfrnmdp4b
 
PPTX
computer science class 11 ( phishing and fraud mails) .pptx
bybalajichess314
 
PDF
Early Signs of Constraint Loss in Modern System Design
byReality Drift Archive
 
UNIT 1- Introduction to Basic of Computer Fundamentals
bypawarbhaktiit
 
Chapter 2 Computer Threat .pdf
byGetnet Tigabie Askale -(GM)
 
Design Flaws and Known Attacks in Agentic AI - ITI Business Session
byInformation Technology Institute
 
One String, Many Prompts: AI Code Generation
byGeoffrey Goetz
 
Unlocking Gen AI Capabilities Within UiPath Document Understanding
byDianaGray10
 
Webinar: EVerest for Production: Accelerating EV Charger Development w/ Indus...
byDanBrown980551
 
On-Device AI with Gemma 3n and PaliGemma 2 Session Slides - GDG VESIT
bygdgcodecellcmpn
 
6 Insights from the Patron Saint of AI Failure
byScott M. Graffius
 
Are AI Hallucinations Getting Better or Worse? We Analyzed the Data.
byScott M. Graffius
 
2025-CB-NCAE-slide-deck.pptx-1-83.pdf Virtual Orientation on the Administrati...
byNelizabethEsplaguera1
 
congo red stain nd PAS STAIN histopathology
bybushrariaz1240
 
Zniber Partners. Audience Foresight for Confident Decisions
bySamuel Zniber
 
AI Data Analyst: Smarter Insights for Modern Real Estate Decisions
byLeni Analyst
 
Purple Team - Active Directory and AzureAD v1
byVICTOR MAESTRE RAMIREZ
 
Top 10 Dedicated Server Providers in Stockholm (Updated Edition).pdf
byAtal Networks
 
Effective Ai powered mock interview .pdf
byamazingnishusingh766
 
Flutter & Firebase Session Slides - GDG VESIT
bygdgcodecellcmpn
 
Philippine Agricultural Engineering Standard_Hand Tractor .pdf
by6xfrnmdp4b
 
computer science class 11 ( phishing and fraud mails) .pptx
bybalajichess314
 
Early Signs of Constraint Loss in Modern System Design
byReality Drift Archive
 

Automated Penetration Testing With The Metasploit Framework

  • 1.
    Automated Penetration Testingwith the Metasploit Framework Tom Eston NEO Information Security Forum March 19, 2008
  • 2.
    Topics What makesa good penetration testing framework? Frameworks available What is the Metasploit Framework? How does it work? Features Metasploit autopwn Limitations Live demonstration Basic Metasploit exploit Exploit multiple hosts with autopwn
  • 3.
    What makes agood penetration testing framework? Platform independent Install on Windows, Mac, Linux Good exploit collection w/regular updates A intuitive, robust GUI Ability to add new exploits Open source or ability to customize Good reporting tools
  • 4.
    What frameworks areavailable? Metasploit Framework Inguma SecurityForest Attack Tool Kit SAINT ($) Immunity Canvas ($) CORE IMPACT ($) Some are application or web specific… Orasploit (Oracle) PIRANA (email content filtering framework) BeEF (Browser Exploitation Framework) W3af (Web Application Exploit Framework)
  • 5.
    What is theMetasploit Framework? Tool for developing and executing exploit code against a remote target machine Runs on Linux, Mac OS X, BSD, Windows Version 3.x written in Ruby. 2.x Perl Remote/Local exploits browser exploits with self contained web server Ability to create exploits Written by HD Moore Version 3.1 HD Moore, spoonm, skape
  • 6.
    How does itwork? Allows a user to configure exploit modules and launch them against target systems Choose and configure a payload Payload : code that is executed on the target system if the exploit is successful (bind/reverse shell, VNC server, etc...) Basic Example If the exploit is successful...a payload is executed and the user is able to interact with a command shell Automated Example Collect host information and exploit multiple hosts (autopwn) Nmap Scan, Nessus import
  • 7.
    Features Choose from269 exploits. 118 payloads. (latest updated version 3.1) Web, command line, GUI interfaces, multiple sessions Auxiliary modules Lorcon (802.11 packet injection), fuzzing, various scanners, DoS tools Injection into running processes (meterpreter payload) Executed into memory, never touches the disk Create packaged executable payloads (runme.exe) Pivoting Use compromised host to attack hosts on internal network IDS/IPS evasion options
  • 8.
    Metasploit autopwn Automatedexploit module Requires a database MySQL, Sqlite, Postgres Some pre-configuration required RubyGems, active record (part of ruby on rails) Database configuration Ability to import vulnerability data Nessus NBE files, Nmap XML output Run Nmap from the module and puts results in the database Launches exploits based on ports, services or vulnerabilities from imported data
  • 9.
    Limitations of MetasploitMajority of exploits are for Windows Detailed logging not default, need to setup Local exploits only start the web server locally Need to send email on your own autopwn may be difficult to configure correctly No automated reporting in autopwn Database can be queried for vulnerability data Basic “bind shell” only option for payload in autopwn Large amounts of import data slows exploits Module needs tuning...hopefully fixed in future versions
  • 10.
    More Information MetasploitWeb Site http://metasploit.com Metasploit Toolkit Book autopwn Overview http: //blog . metasploit .com/2006/09/metasploit-30-automated-exploitation.html Want to test autopwn in a lab? Backtrack 2 has it working and installed (ninja script) Backtrack 3 requires fast-track.py run first...
  • 11.
    Questions [email_address] Presentationposted at: http://spylogic.net
  • 12.
    Live Demonstration LabSetup VMware Workstation 3 Windows Systems 1 Windows 2000 Srv, 2 Windows XP Pro Basic Metasploit exploit Show basic commands Exploit multiple hosts with autopwn Using Nessus vulnerability data