Download as PDF, PPTX
![Commands detail in
Demontration(Vulnerability on RPC
DCOM(MS03_026))
- Scan a machine using tools like “nmap”
root@khnog#nmap –v –n [Target-IP]
root@khnog#nmap –sV –n [Target-IP]
- root@khnog#gcc dcom -0 dcom (compile
file)
- root@khnog#./dcom [target-ID] [target-IP]](https://image.slidesharecdn.com/network-exploitation-161028015841/85/Network-Exploitation-10-320.jpg)
Uploaded byKHNOG
Network Exploitation
This document provides an overview of network exploitation and the Metasploit framework. It begins with definitions of key terms like vulnerability, exploit, and payload. It then explains the basic process of exploitation as using an exploit to trigger a payload after a vulnerability is triggered. The document outlines common steps attackers use like port scanning and service identification. It introduces the Metasploit framework as an open-source tool for penetration testing and exploit development with over 770 tested exploits and 228 payloads. It concludes with examples of using tools like nmap for port scanning and compiling exploits to demonstrate exploitation of a known vulnerability.
More Related Content
Similar to Network Exploitation
![Getting Started with Apache Spark: Big Data Made Simple [Free Meetup]](https://cdn.slidesharecdn.com/ss_thumbnails/apachesparkgettingstarted-260203175547-8361bcc3-thumbnail.jpg?width=640&height=640&fit=bounds)
Network Exploitation
- 1. Network Exploitation Mam Koeun Web Security atTrendsec Solution
- 2. I. About me II. Understanding Basic MSF & Terms III.How does exploitation work? IV. How does exploitation work? V. Common Steps of a compromise VI. Scan For ports and services VII.Metasploit Framework Basics VIII.Meterpreter Basics Table Of Contents
- 3.
- 4. • Payload: Actual codes that transmit data or do any actions automatically as its purposes, it runs after exploitation • Exploit: Code that allows attacker to take advantage of a vulnerable system •Vulnerability: Weaknesses that allows attacker break into/compromise a system’s security Understanding Basic MSF&TERMS
- 5. 1- Vulnerability 2- Exploit 3-Payload Robber Vulnerable House Understanding Basic MSF&TERMS How does exploitation work?
- 6. Exploit + Payload Upload/DownloadData, malware, rootkit,.. Exploit run first, if succeed payload runs next How does exploitation work?
- 7. - Scan portsand services running on that target IP - Identify a vulnerability service / known exploit or private exploit - Compromise, launch exploit, exploitation plan Common Steps Of a Compromise
- 8. - Scan amachine using tools like “nmap” - Use port scanner to scan for ports and services running on remote system - Services scanning with version indentified same time Scan For Ports and Services
- 9. - Tool for development and testing of vulnerability - Can be used for: -Penetrating testing - Exploit research - Developing IDS signatures - Started by H.D Moore, 2003 (Perl) - Was rewritten in Ruby, 2007 - Acquired by Rapid7, 2009 - Open Source and free for use - Over 770+ tested exploit - Over 228 payloads Metasploit Basics
- 10. Commands detail in Demontration(Vulnerability on RPC DCOM(MS03_026)) - Scan amachine using tools like “nmap” root@khnog#nmap –v –n [Target-IP] root@khnog#nmap –sV –n [Target-IP] - root@khnog#gcc dcom -0 dcom (compile file) - root@khnog#./dcom [target-ID] [target-IP]
- 11.