Metasploit Penetration Testing Cookbook

por | 29.12.2013

Metasploit es un proyecto open source de seguridad informática que proporciona información acerca de vulnerabilidades de seguridad y ayuda en tests de penetración y en el desarrollo de firmas para Sistemas de Detección de Intrusos.
Su subproyecto más conocido es el Metasploit Framework, una herramienta para desarrollar y ejecutar exploits contra una máquina remota. Otros subproyectos importantes son la bases de datos de opcodes (códigos de operación), un archivo de shellcodes, e investigación sobre seguridad. Inicialmente fue creado utilizando el lenguaje de programación de scripting Perl, aunque actualmente el Metasploit Framework ha sido escrito de nuevo completamente en el lenguaje Ruby.

Contenido

Chapter 01: Metasploit Quick Tips for Security Professionals

  • Introduction.
  • Configuring Metasploit on Windows.
  • Configuring Metasploit on Ubuntu.
  • Metasploit with BackTrack 5 – the ultimate combination.
  • Setting up the penetration testing lab on a single machine.
  • Setting up Metasploit on a virtual machine with SSH connectivity.
  • Beginning with the interfaces – the “Hello World” of Metasploit.
  • Setting up the database in Metasploit.
  • Using the database to store penetration testing results.
  • Analyzing the stored results of the database.

Chapter 02: Information Gathering and Scanning

  • Introduction.
  • Passive information gathering 1.0 – the traditional way.
  • Passive information gathering 2.0 – the next level.
  • Port scanning – the Nmap way.
  • Exploring auxiliary modules for scanning.
  • Target service scanning with auxiliary modules.
  • Vulnerability scanning with Nessus.
  • Scanning with NeXpose.
  • Sharing information with the Dradis framework 

Chapter 03: Operating System-based Vulnerability Assessment and Exploitation 

  • Introduction.
  • Exploit usage quick tips.
  • Penetration testing on a Windows XP SP2 machine.
  • Binding a shell to the target for remote access.
  • Penetration testing on the Windows 2003 Server.
  • Windows 7/Server 2008 R2 SMB client infinite loop.
  • Exploiting a Linux (Ubuntu) machine.
  • Understanding the Windows DLL injection flaws.

Chapter 04: Client-side Exploitation and Antivirus Bypass 

  • Introduction.
  • Internet Explorer unsafe scripting misconfiguration vulnerability.
  • Internet Explorer CSS recursive call memory corruption.
  • Microsoft Word RTF stack buffer overflow.
  • Adobe Reader util.printf() buffer overflow.
  • Generating binary and shellcode from msfpayload.
  • Bypassing client-side antivirus protection using msfencode.
  • Using the killav.rb script to disable antivirus programs.
  • A deeper look into the killav.rb script.
  • Killing antivirus services from the command line.

Chapter 05: Using Meterpreter to Explore the Compromised Target 

  • Introduction.
  • Analyzing meterpreter system commands.
  • Privilege escalation and process migration.
  • Setting up multiple communication channels with the target.
  • Meterpreter filesystem commands.
  • Changing file attributes using timestomp.
  • Using meterpreter networking commands.
  • The getdesktop and keystroke sniffing.
  • Using a scraper meterpreter script

Chapter 06: Advanced Meterpreter Scripting 

  • Introduction.
  • Passing the hash.
  • Setting up a persistent connection with backdoors.
  • Pivoting with meterpreter.
  • Port forwarding with meterpreter.
  • Meterpreter API and mixins.
  • Railgun – converting Ruby into a weapon.
  • Adding DLL and function definition to Railgun.
  • Building a “Windows Firewall De-activator” meterpreter script.
  • Analyzing an existing meterpreter script.

Chapter 07: Working with Modules for Penetration Testing

  • Introduction.
  • Working with scanner auxiliary modules.
  • Working with auxiliary admin modules.
  • SQL injection and DOS attack modules.
  • Post-exploitation modules.
  • Understanding the basics of module building.
  • Analyzing an existing module.
  • Building your own post-exploitation module.

Chapter 08: Working with Exploits

  • Introduction.
  • Exploiting the module structure.
  • Common exploit mixins.
  • Working with msfvenom.
  • Converting exploit to a Metasploit module.
  • Porting and testing the new exploit module.
  • Fuzzing with Metasploit.
  • Writing a simple FileZilla FTP fuzzer.

Chapter 09: Working with Armitage

  • Introduction.
  • Getting started with Armitage.
  • Scanning and information gathering.
  • Finding vulnerabilities and attacking targets.
  • Handling multiple targets using the tab switch.
  • Post-exploitation with Armitage.
  • Client-side exploitation with Armitage.

Chapter 10: Social Engineer Toolkit 

  • Introduction.
  • Getting started with Social Engineer Toolkit (SET).
  • Working with the SET config file.
  • Spear-phishing attack vector.
  • Website attack vectors.
  • Multi-attack web method.
  • Infectious media generator.

Descargar archivo
Contraseña: http://qliksec.blogspot.com

Deja un comentario

Tu dirección de correo electrónico no será publicada. Los campos obligatorios están marcados con *