Metasploit Toolkit for Penetration Testing, Exploit Development, and Vulnerability Research

Metasploit Toolkit for Penetration Testing, Exploit Development, and Vulnerability Research is the first book available for the Metasploit Framework (MSF), which is the attack platform of choice for one of the fastest growing careers in IT security: Penetration Testing. The book will provide professional penetration testers and security researchers with a fully integrated suite of tools for discovering, running, and testing exploit code.

This book discusses how to use the Metasploit Framework (MSF) as an exploitation platform. The book begins with a detailed discussion of the three MSF interfaces: msfweb, msfconsole, and msfcli .This chapter demonstrates all of the features offered by the MSF as an exploitation platform. With a solid understanding of MSF’s capabilities, the book then details techniques for dramatically reducing the amount of time required for developing functional exploits.
By working through a real-world vulnerabilities against popular closed source applications, the reader will learn how to use the tools and MSF to quickly build reliable attacks as standalone exploits. The section will also explain how to integrate an exploit directly into the Metasploit Framework by providing a line-by-line analysis of an integrated exploit module. Details as to how the Metasploit engine drives the behind-the-scenes exploitation process will be covered, and along the way the reader will come to understand the advantages of exploitation frameworks. The final section of the book examines the Meterpreter payload system and teaches readers to develop completely new extensions that will integrate fluidly with the Metasploit Framework.

• A November 2004 survey conducted by "CSO Magazine" stated that 42% of chief security officers considered penetration testing to be a security priority for their organizations
• The Metasploit Framework is the most popular open source exploit platform, and there are no competing books

Professional penetration testers and security researchers

Technical Editor

Contributing Authors

Companion Web Site

Chapter 1: Introduction to Metasploit

Introduction

Overview: Why Is Metasploit Here?

History of Metasploit

Metasploit Core Development

Technology Overview

Leveraging Metasploit on Penetration Tests

Understanding Metasploit Channels

Summary

Solutions Fast Track

Chapter 2: Architecture, Environment, and Installation

Introduction

Understanding the Soft Architecture

Configuring and Locking Down Your System

Installation

Summary

Solutions Fast Track

Chapter 3: Metasploit Framework and Advanced Environment Configurations

Introduction

Configuration High-Level Overview

Global Datastore

Module Datastore

Saved Environment

Summary

Solutions Fast Track

Chapter 4: Advanced Payloads and Add-on Modules

Introduction

Meterpreter

VNC Inject

PassiveX

Auxiliary Modules

Automating the Pen-Test

Summary

Solutions Fast Track

Chapter 5: Adding New Payloads

Introduction: Why Should You Care about Metasploit?

Types of Payloads

Adding New Exploit Payloads

Adding New Auxiliary Payloads

Bonus: Finding Oday While Creating Different Types of Payloads

Summary

Case Studies

Introduction to Case Studies

Case Study 1: RaXnet Cacti Remote Command Execution

Overview of the RaXnet Cacti graph_image.php Vulnerability

Metasploit Module Source

In-Depth Analysis

Case Study 2: Mercur Messaging 2005 SP3 IMAP Remote Buffer Overflow (CVE–2006-1255)

Overview

Vulnerability Details

Exploitation Details

PSEUDO-RET-LIB-C

Complete Exploit Code

In-Depth Analysis

Case Study 3: SlimFTPd String Concatenation Overflow

Overview of the SlimFTPd Vulnerability

SlimFTPd Vulnerability Details

Complete Exploit Code for SlimFTPd String Concatenation Overflow

Case Study 4: WS-FTP Server 5.03 MKD Overflow

Overview of the WS-FTP Server 5.03 Vulnerability

Vulnerability Details

Exploitation Details

Checking Banners

Complete Exploit Code

Analysis

Case Study 5: MailEnable HTTP Authorization Header Buffer Overflow

Overview of the MailEnable HTTP Authorization Buffer Overflow Vulnerability

Exploit Details

Metasploit Module Source

In-Depth Analysis

Appendix A: Advantages of Network Vulnerability Testing with Metasploit 3.0

Appendix B: Building a Test Lab for Penetration Testing

Appendix C: Glossary of Technology and Terminology

Index