
Re: Metasploit Unleashed - Lets do this

Posted: Thu Jan 30, 2014 12:26 am
by fashizzlepop
Yes. Join #metasploit

Re: Metasploit Unleashed - Lets do this

Posted: Fri Jan 31, 2014 2:01 pm
by limdis
Tomorrow is the 1st. If anyone wants to get on board, now is the time. There have been a couple of questions about this and I just want to clarify that I will not be 'teaching' this course. The intent is to get members to start going over the material at the same time so we can all discuss the material and assist others who are struggling. That said, I've been seeing a lot of people sticking their heads in #metasploit so I'm looking forward to a good turnout. If any of you are already familiar with using metasploit and just want to hang out for questions, please do! There will be punch and pie 8-)

There is no punch and pie.

Re: Metasploit Unleashed - Lets do this

Posted: Sat Feb 01, 2014 10:57 am
by limdis
Metasploit Unleashed begins! The first few sections are a little slow. Take your time and don't rush through the material. The fun stuff is coming! ~ Supplemental Reading: Also join us in #metasploit.

If you are late to the party don't let that hold you back. You cannot complete this course in a day.

Re: Metasploit Unleashed - Lets do this

Posted: Sat Feb 01, 2014 10:49 pm
by -Ninjex-
Yeah, come on in guys! The opportunity to socialize with others while learning something new isn't something to be passed up! In all honesty, you may not think you have time, but I can assure you; if I am finding time, so can you. I work 10 hours a day, program, make music, hang out with friends, about to move, etc., and will still be managing time for this! Think about it, the course is what, 14 chapters in length? Go through about two chapters a week and you will be done in less than two months. However, I am almost sure that once you get started, you will be wanting and craving to do more than 2 chapters a day. All you will think about at work is diving into the Metasploit course again; well, at least I will <3 So I'm estimating that this course will be highly active from members for a month, and then a lot of us here are avid users that can always answer questions for anyone who stops by a little (or really) late into the course.

As a side note, I am a fairly avid Ruby user, and all Metasploit modules use the Ruby language. With that being said, if you guys have any questions regarding syntax, methods, structure, etc., feel free to ask me. If I can help, I assure you I will.

I think (If you guys want) I will also keep asking some questions on here, to see who has been keeping up with the readings, retaining the information, and not skipping over parts of the course <3

Happy Hacking!

*** EDIT ***

So, I created some questions that relate specifically to chapters 1-3 in the course:

#1.) Define an auxiliary module.

#2.) What is a module which executes a payload referenced as?

#3.) In Msfconsole, what explicit command would you use to search for all modules which use a payload, and target mysql?

#4.) In Msfconsole, what commands would you use to assign the value '' to the variable 'LHOST'?

#5.) What command would you use to list all defined variables? What command can be used to remove all the variables in this list?

#6.) Is it possible to use the same variables in various exploits? If so, how?

#7.) Is it possible to have variables defined from a previous session loaded at run time? If so, how?

#8.) What is the difference between an active exploit and a passive exploit?

#9.) Reading the path of the following module, list the stager and stage contents; Module: 'exploit/windows/smb/ms03_049_netapi'

#10.) Why are DLL injection based payloads great to use, and what two payload types operate based on DLL injection?

#11.) If you gain access to a Windows machine via meterpreter session, what command can you initiate to clear the application, system, and security logs?

#12.) What module would you run to grab the contents of the SAM database once you gain access to a Windows machine?

#13.) What command can you run from inside a meterpreter session to tell if a user has been inactive, and for how long?

#14.) How would you get a list of services running on the machine and then move the session to that process?

#15.) What should you always do to path locations when using the upload and download commands in a session?

Re: Metasploit Unleashed - Lets do this

Posted: Sun Feb 09, 2014 7:48 pm
by cyberdrain
So, I'm still stuck on the third chapter about fundamentals and learning a lot :) I have a few questions I searched, but couldn't find enough information.

1. At Msfconsole Commands the 'connect' and 'route' commands talk about pivoting. What do you do when you pivot traffic? Never mind: Chapter 10.

2. Why would one want a different LHOST than the current IP-address? This behaviour helps set the external IP-address in case you need port forwarding.

3. Does RWX given in Payloads stand for read, write, execute, like the Linux permissions? RWX is allocated memory with those permissions.

Useful info:
- NOP generators create code that does nothing (NOP opcode), which can be used for buffer overflows, consistency of size or to prevent detection, as the code is not similar anymore.
- The recv() command is used to receive data from a connection/socket.
- Setting up virtualised Windows from an old disk you have around is great to test some of the vulnerabilities in addition to Metasploitable.
- VirtualBox needs a restart and Bridge mode for internal network testing (warning: can be dangerous) if you don't use a virtual network.

I don't know a lot about shell code, so that will take a while to learn before I move on.

Edit: Thanks for the questions Ninjex, those are very helpful for learning indeed!

Edit 2: As I got no response (except for the last one, thanks fas), I shortened the questions I still couldn't find and removed ask to ask.

Edit 3: Well, I found out the only answer I couldn't find easily was the one fas answered. Note to self: try harder to find answers.

Re: Metasploit Unleashed - Lets do this

Posted: Sun Feb 09, 2014 10:46 pm
by fashizzlepop
Shellcoder's Handbook is a great read. ... 047008023X

Re: Metasploit Unleashed - Lets do this

Posted: Tue Feb 11, 2014 7:28 pm
by limdis
<rained> YES
<rained> I just p0wned my first system :)

Things are getting exciting 8-)

Shawn just brought this link to our attention in #metasploit. Great set of videos covering the framework. ... groupId=10

Sorry about that slow response Cyberdrain. You sound like you are coming along pretty well now.

Re: Metasploit Unleashed - Lets do this

Posted: Wed Feb 12, 2014 11:57 am
by cyberdrain
limdis wrote:
Sorry about that slow response Cyberdrain. You sound like you are coming along pretty well now.

Don't worry about it. This stuff is really interesting once you get into it.

Re: Metasploit Unleashed - Lets do this

Posted: Sat Jul 05, 2014 1:56 pm
by OS_13115
While I was not a member at the time of this post, I was and still am reading/studying/researching/learning/researching in and of this wonder Art of Framework/Metasploit. Additionally, I posted an Article about the msfcli recently; hopefully it is approved. The short mention in the book is what prompted my article, in hopes that others may notice a great use for msfcli beyond what I mention. ATM, I'm using msfcli for learning purposes about various auxiliary/mods, exploit/mods, and post/payloads...

Would this course happen again?

Re: Metasploit Unleashed - Lets do this

Posted: Sun Jul 06, 2014 5:17 am
by Misanthropydotexe
OS_13115 wrote:
Would this course happen again?

I am also curious to know this.

But I suppose I should first know... Given my current lack of understanding here, is this too advanced for me to properly grasp? Should I pass, if this is restarted, until I'm better learned?