Description

This is the first book available for the Metasploit Framework (MSF), which is the attack platform of choice for one of the fastest growing careers in IT security: Penetration Testing. The book and companion Web site will provide professional penetration testers and security researchers with a fully integrated suite of tools for discovering, running, and testing exploit code. This book discusses how to use the Metasploit Framework (MSF) as an exploitation platform. The book begins with a detailed discussion of the three MSF interfaces: msfweb, msfconsole, and msfcli .This chapter demonstrates all of the features offered by the MSF as an exploitation platform. With a solid understanding of MSF’s capabilities, the book then details techniques for dramatically reducing the amount of time required for developing functional exploits. By working through a real-world vulnerabilities against popular closed source applications, the reader will learn how to use the tools and MSF to quickly build reliable attacks as standalone exploits. The section will also explain how to integrate an exploit directly into the Metasploit Framework by providing a line-by-line analysis of an integrated exploit module. Details as to how the Metasploit engine drives the behind-the-scenes exploitation process will be covered, and along the way the reader will come to understand the advantages of exploitation frameworks. The final section of the book examines the Meterpreter payload system and teaches readers to develop completely new extensions that will integrate fluidly with the Metasploit Framework.

Key Features

· A November 2004 survey conducted by "CSO Magazine" stated that 42% of chief security officers considered penetration testing to be a security priority for their organizations · The Metasploit Framework is the most popular open source exploit platform, and there are no competing books · The book's companion Web site offers all of the working code and exploits contained within the book

Readership

Professional penetration testers and security researchers

Table of Contents

Technical Editor

Contributing Authors

Companion Web Site

Chapter 1: Introduction to Metasploit

Introduction

Overview: Why Is Metasploit Here?

History of Metasploit

Metasploit Core Development

Technology Overview

Leveraging Metasploit on Penetration Tests

Understanding Metasploit Channels

Summary

Solutions Fast Track

Chapter 2: Architecture, Environment, and Installation

Introduction

Understanding the Soft Architecture

Configuring and Locking Down Your System

Installation

Summary

Solutions Fast Track

Chapter 3: Metasploit Framework and Advanced Environment Configurations

Introduction

Configuration High-Level Overview

Global Datastore

Module Datastore

Saved Environment

Summary

Solutions Fast Track

Chapter 4: Advanced Payloads and Add-on Modules

Introduction

Meterpreter

VNC Inject

PassiveX

Auxiliary Modules

Automating the Pen-Test

Summary

Solutions Fast Track

Chapter 5: Adding New Payloads

Introduction: Why Should You Care about Metasploit?

Types of Payloads

Adding New Exploit Payloads

Adding New Auxiliary Payloads

Bonus: Finding Oday While Creating Different Types of Payloads

Summary

Case Studies

Introduction to Case Studies

Case Study 1: RaXnet Cacti Remote Command Execution

Overview of the RaXnet Cacti graph_image.php Vulnerability

Metasploit Module Source

In-Depth Analysis

Case Study 2: Mercur Messaging 2005 SP3 IMAP Remote Buffer Overflow (CVE–2006-1255)

Overview

Vulnerability Details

Exploitation Details

PSEUDO-RET-LIB-C

Complete Exploit Code

In-Depth Analysis

Case Study 3: SlimFTPd String Concatenation Overflo

Details

No. of pages:
350
Language:
English
Copyright:
© 2007
Published:
Imprint:
Syngress
Print ISBN:
9781597490740
Electronic ISBN:
9780080549255