Metasploit Unleashed - Lets do this (ARCHIVE)


Re: Metasploit Unleashed - Lets do this

Post by fashizzlepop on Thu Jan 30, 2014 12:26 am

Yes. Join #metasploit
The glass is neither half-full nor half-empty; it's merely twice as big as it needs to be.


Re: Metasploit Unleashed - Lets do this

Post by limdis on Fri Jan 31, 2014 2:01 pm

Tomorrow is the 1st. If anyone wants to get on board, now is the time. There have been a couple of questions about this and I just want to clarify that I will not be 'teaching' this course. The intent is to get members to start going over the material at the same time so we can all discuss the material and assist others who are struggling. That said, I've been seeing a lot of people sticking their heads in #metasploit so I'm looking forward to a good turnout. If any of you are already familiar with using Metasploit and just want to hang out for questions, please do! There will be punch and pie 8-)



There is no punch and pie.
"The quieter you become, the more you are able to hear..."
"Drink all the booze, hack all the things."


Re: Metasploit Unleashed - Lets do this

Post by limdis on Sat Feb 01, 2014 10:57 am

Metasploit Unleashed begins! The first few sections are a little slow. Take your time and don't rush through the material. The fun stuff is coming! http://hts.io/1ISJE ~ Supplemental Reading: http://hts.io/1IUmq. Also join us in #metasploit.

If you are late to the party don't let that hold you back. You cannot complete this course in a day.
"The quieter you become, the more you are able to hear..."
"Drink all the booze, hack all the things."


Re: Metasploit Unleashed - Lets do this

Post by -Ninjex- on Sat Feb 01, 2014 10:49 pm

Yeah, come on in guys! The opportunity to socialize with others while learning something new isn't something to be passed up! In all honesty, you may not think you have time, but I can assure you: if I am finding time, so can you. I work 10 hours a day, program, make music, hang out with friends, am about to move, etc., and will still be managing time for this! Think about it, the course is, what, 14 chapters in length? Go through about two chapters a week and you will be done in less than two months. However, I am almost sure that once you get started, you will be wanting and craving to do more than 2 chapters a day. All you will think about at work is diving into the Metasploit course again; well, at least I will <3 So I'm estimating that this course will be highly active from members for a month, and then a lot of us here are avid users that can always answer questions for anyone who stops by a little (or really) late into the course.

As a side note, I am a fairly avid Ruby user, and all Metasploit modules use the Ruby language. With that being said, if you guys have any questions regarding syntax, methods, structure, etc., feel free to ask me. If I can help, I assure you I will.

I think (if you guys want) I will also keep asking some questions on here, to see who has been keeping up with the readings, retaining the information, and not skipping over parts of the course <3

Happy Hacking!

*** EDIT ***

So, I created some questions specifically related to chapters 1-3 in the course:

#1.) Define an auxiliary module.

#2.) What is a module which executes a payload referenced as?

#3.) In Msfconsole, what explicit command would you use to search for all modules which use a payload, and target mysql?

#4.) In Msfconsole, what commands would you use to assign the value '127.0.0.1' to the variable 'LHOST'?

#5.) What command would you use to list all defined variables? What command can be used to remove all the variables in this list?

#6.) Is it possible to use the same variables in various exploits? If so, how?

#7.) Is it possible to have variables defined from a previous session loaded at run time, if so how?

#8.) What is the difference between an active exploit and a passive exploit?

#9.) Reading the path of the following module, list the stager and stage contents; Module: 'exploit/windows/smb/ms03_049_netapi'

#10.) Why are DLL injection based payloads great to use, and what two payload types operate based on DLL injection?

#11.) If you gain access to a Windows machine via meterpreter session, what command can you initiate to clear the application, system, and security logs?

#12.) What module would you run to grab the contents of the SAM database once you gain access to a Windows machine?

#13.) What command can you run from inside a meterpreter session to tell if a user has been inactive, and for how long?

#14.) How would you get a list of services running on the machine and then move the session to that process?

#15.) What should you always do to path locations when using the upload and download commands in a session?
For those that know
K: 0x2CD8D4F9


Re: Metasploit Unleashed - Lets do this

Post by cyberdrain on Sun Feb 09, 2014 7:48 pm

So, I'm still stuck on the third chapter about fundamentals and learning a lot :) I have a few questions I searched, but couldn't find enough information.

1. At Msfconsole Commands the 'connect' and 'route' commands talk about pivoting. What do you do when you pivot traffic? Never mind: Chapter 10.

2. Why would one want a different LHOST than the current IP-address? This behaviour helps set the external IP-address in case you need port forwarding.

3. Does RWX given in Payloads stand for read, write, execute, like the Linux permissions? RWX is allocated memory with those permissions.

Useful info:
- NOP generators create code that does nothing (NOP opcode), which can be used for buffer overflows, consistency of size or to prevent detection, as the code is not similar anymore.
- The recv() command is used to receive data from a connection/socket.
- Setting up virtualised Windows from an old disk you have around is great to test some of the vulnerabilities in addition to Metasploitable.
- VirtualBox needs a restart and Bridge mode for internal network testing (warning: can be dangerous) if you don't use a virtual network.

I don't know a lot about shell code, so that will take a while to learn before I move on.

Edit: Thanks for the questions Ninjex, those are very helpful for learning indeed!

Edit 2: As I got no response (except for the last one, thanks fas), I shortened the questions I still couldn't find and removed ask to ask.

Edit 3: Well, I found out the only answer I couldn't find easily was the one fas answered. Note to self: try harder to find answers.
Last edited by cyberdrain on Tue Feb 11, 2014 5:05 pm, edited 4 times in total.
Free your mind / Think clearly


Re: Metasploit Unleashed - Lets do this

Post by fashizzlepop on Sun Feb 09, 2014 10:46 pm

Shellcoder's Handbook is a great read.

http://www.amazon.com/The-Shellcoders-H ... 047008023X
The glass is neither half-full nor half-empty; it's merely twice as big as it needs to be.


Re: Metasploit Unleashed - Lets do this

Post by limdis on Tue Feb 11, 2014 7:28 pm

<rained> YES
<rained> I just p0wned my first system :)


Things are getting exciting 8-)

Shawn just brought this link to our attention in #metasploit. Great set of videos covering the framework.
http://www.securitytube.net/groups?oper ... groupId=10

Edit:
Sorry about that slow response Cyberdrain. You sound like you are coming along pretty well now.
"The quieter you become, the more you are able to hear..."
"Drink all the booze, hack all the things."


Re: Metasploit Unleashed - Lets do this

Post by cyberdrain on Wed Feb 12, 2014 11:57 am

limdis wrote: Sorry about that slow response Cyberdrain. You sound like you are coming along pretty well now.


Don't worry about it. This stuff is really interesting once you get into it.
Free your mind / Think clearly


Re: Metasploit Unleashed - Lets do this

Post by OS_13115 on Sat Jul 05, 2014 1:56 pm

While I was not a member at the time of this post, I was and still am reading/studying/researching/learning/researching in and of this wonderful Art of Framework/Metasploit. Additionally, I posted an Article about the msfcli recently; hopefully it is approved. The short mention in the book is what prompted my article, in hopes that others may notice a great use for msfcli beyond what I mention. ATM, I'm using msfcli for learning purposes about various auxiliary/mods, exploit/mods, and post/payloads...

Would this course happen again?


Re: Metasploit Unleashed - Lets do this

Post by Misanthropydotexe on Sun Jul 06, 2014 5:17 am

OS_13115 wrote:
Would this course happen again?


I am also curious to know this.

But I suppose I should first know... Given my current lack of understanding here, is this too advanced for me to properly grasp? Should I pass, if this is restarted, until I'm better learned?
My armor is Contempt. My shield is Disgust. My sword is Hatred.
Respect not pity or weakness, for they are a disease which makes sick the strong
/sbin/poweroff

