© 2010 – MAD Security, LLC All rights reserved Team Operations Collaborate with Armitage and...

20
© 2010 – MAD Security, LLC All rights reserved Team Operations Collaborate with Armitage and Metasploit

TAGS:

Transcript of © 2010 – MAD Security, LLC All rights reserved Team Operations Collaborate with Armitage and...

Page 1: © 2010 – MAD Security, LLC All rights reserved Team Operations Collaborate with Armitage and Metasploit.

© 2010 – MAD Security, LLCAll rights reserved

Team OperationsCollaborate with Armitage and Metasploit

Page 2: © 2010 – MAD Security, LLC All rights reserved Team Operations Collaborate with Armitage and Metasploit.

Overview

• Team Operations• Teaming Features• Architecture and Setup• Session Passing• Using External Tools• Team Organization

Page 3: © 2010 – MAD Security, LLC All rights reserved Team Operations Collaborate with Armitage and Metasploit.

Team Operations

Page 4: © 2010 – MAD Security, LLC All rights reserved Team Operations Collaborate with Armitage and Metasploit.

Armitage Teaming

• User Experience– Single user-like– Local control of Metasploit

• Teaming Features– Real Time Communication– Data Sharing– Session Sharing

Page 5: © 2010 – MAD Security, LLC All rights reserved Team Operations Collaborate with Armitage and Metasploit.

Features: Event Log

Page 6: © 2010 – MAD Security, LLC All rights reserved Team Operations Collaborate with Armitage and Metasploit.

Features: Data Sharing

Page 7: © 2010 – MAD Security, LLC All rights reserved Team Operations Collaborate with Armitage and Metasploit.

Features: Session Sharing

Page 8: © 2010 – MAD Security, LLC All rights reserved Team Operations Collaborate with Armitage and Metasploit.

Architecture

Page 9: © 2010 – MAD Security, LLC All rights reserved Team Operations Collaborate with Armitage and Metasploit.

Setup

• Perform these steps on shared server…• Start Metasploit’s RPC daemon

– msfrpcd -U username -P password –f• Start Deconfliction server

– armitage --server attack_server_ip 55553 username password

• Connect clients!

Page 10: © 2010 – MAD Security, LLC All rights reserved Team Operations Collaborate with Armitage and Metasploit.

Setup

Page 11: © 2010 – MAD Security, LLC All rights reserved Team Operations Collaborate with Armitage and Metasploit.

Setup

Page 12: © 2010 – MAD Security, LLC All rights reserved Team Operations Collaborate with Armitage and Metasploit.

Session Passing

• Inject meterpreter into memory• Point at any multi/handler

you like• Uses:

– Send session to a friend– Duplicate your access

Page 13: © 2010 – MAD Security, LLC All rights reserved Team Operations Collaborate with Armitage and Metasploit.

Session Passing

• Inject meterpreter into memory• Point at any multi/handler

you like• Uses:

– Send session to a friend– Duplicate your access

Page 14: © 2010 – MAD Security, LLC All rights reserved Team Operations Collaborate with Armitage and Metasploit.

Session Passing

• Inject meterpreter into memory• Point at any multi/handler

you like• Uses:

– Send session to a friend– Duplicate your access

Page 15: © 2010 – MAD Security, LLC All rights reserved Team Operations Collaborate with Armitage and Metasploit.

External Tools

• In a team environment, not everyone will use Armitage– Everyone can still benefit from Armitage’s accesses

• Metasploit SOCKS proxy routes client traffic using pivot

• Web browsers may use a proxy server to connect

Page 16: © 2010 – MAD Security, LLC All rights reserved Team Operations Collaborate with Armitage and Metasploit.

External Tools

Page 17: © 2010 – MAD Security, LLC All rights reserved Team Operations Collaborate with Armitage and Metasploit.

External Tools

Page 18: © 2010 – MAD Security, LLC All rights reserved Team Operations Collaborate with Armitage and Metasploit.

Team Organization

• Split team into roles– Attack– Multiple post-exploitation roles

• Distribute attacks• Centralize post-exploitation

Page 19: © 2010 – MAD Security, LLC All rights reserved Team Operations Collaborate with Armitage and Metasploit.

Team Organization

• Use Armitage on big screen• Event log augments existing

communication channel• External tools may play too

(not everyone needs Armitage)

Page 20: © 2010 – MAD Security, LLC All rights reserved Team Operations Collaborate with Armitage and Metasploit.

Summary

• Team Operations• Teaming Features• Architecture and Setup• Session Passing• Using External Tools• Team Organization


Metasploit Basics

Metasploit Basics

Metasploit Framework Unleashed beyond Metasploit · PDF fileMetasploit Framework Unleashed –beyond Metasploit ... MSF Bind Payload

Metasploit Framework Unleashed beyond Metasploit · PDF fileMetasploit Framework Unleashed –beyond Metasploit ... MSF Bind Payload

CENTRAL UNIVERSITY OF PUNJAB BATHINDA CBS.pdfIntroduction to Metasploit: Metasploit framework, Metasploit Console, Payloads, Metrpreter, Introduction to Armitage, Installing and using

CENTRAL UNIVERSITY OF PUNJAB BATHINDA CBS.pdfIntroduction to Metasploit: Metasploit framework, Metasploit Console, Payloads, Metrpreter, Introduction to Armitage, Installing and using

Abusing Windows Remote Management with Metasploit David Maloney Metasploit Software Engineer Rapid7.

Abusing Windows Remote Management with Metasploit David Maloney Metasploit Software Engineer Rapid7.

Armitage Halsted District - Chicago · 2020. 12. 23. · ARMITAGE-HALSTED DISTRICT PREDOMINANTLY ARMITAGE AVENUE BETWEEN HALSTED AND RACINE AND HALSTED STREET BETWEEN ARMITAGE AND

Armitage Halsted District - Chicago · 2020. 12. 23. · ARMITAGE-HALSTED DISTRICT PREDOMINANTLY ARMITAGE AVENUE BETWEEN HALSTED AND RACINE AND HALSTED STREET BETWEEN ARMITAGE AND

Armitage and Metasploit Penetration Testing Lab Raphael Mudge rsmudge@gmail.com rsmudge@gmail.com Twitter: @armitagehacker.

Armitage and Metasploit Penetration Testing Lab Raphael Mudge [email protected] [email protected] Twitter: @armitagehacker.

Louisville Infosec - Metasploit Class - Fuzzing and Exploit Development with Metasploit

Louisville Infosec - Metasploit Class - Fuzzing and Exploit Development with Metasploit

Metasploit Completo

Metasploit Completo

1. A 1. About Armitage I. Table of Contents · Metasploit presents its capabilities as modules. Every scanner, exploit, and payload is available as a module. To launch a module, you

1. A 1. About Armitage I. Table of Contents · Metasploit presents its capabilities as modules. Every scanner, exploit, and payload is available as a module. To launch a module, you

Nethemba metasploit

Nethemba metasploit

Metasploit (Module-1) - Getting Started With Metasploit

Metasploit (Module-1) - Getting Started With Metasploit

Cortana!Tutorial! - Armitage - Cyber Attack Management for Metasploit

Cortana!Tutorial! - Armitage - Cyber Attack Management for Metasploit

Attacking Oracle with the Metasploit Framework Metasploit Support Introduction of a TNS Mixin. Handles a basic TNS packet structure. ... Metasploit,Chris Gates,Oracle,Metasploit Framework

Attacking Oracle with the Metasploit Framework Metasploit Support Introduction of a TNS Mixin. Handles a basic TNS packet structure. ... Metasploit,Chris Gates,Oracle,Metasploit Framework

Metasploit - axiom.utm.utoronto.ca

Metasploit - axiom.utm.utoronto.ca

Attacking Oracle Web Applications with Metasploit Oracle Web Applications with Metasploit Chris Gates -- carnal0wnage @carnal0wnage Introduction In 2009, Metasploit ...

Attacking Oracle Web Applications with Metasploit Oracle Web Applications with Metasploit Chris Gates -- carnal0wnage @carnal0wnage Introduction In 2009, Metasploit ...

Metasploit Demo

Metasploit Demo

Guida Metasploit Framework

Guida Metasploit Framework

Nexpose/ Metasploit

Nexpose/ Metasploit

Isac Metasploit

Isac Metasploit

Mass Pwnage Metasploit

Mass Pwnage Metasploit