Network Exploitation
Uploaded by: nirate
Category: Technology
Transcript of Network Exploitation
I. About me
II. Understanding Basic MSF & Terms
III. How does exploitation work?
IV. How does exploitation work?
V. Common Steps of a Compromise
VI. Scan for Ports and Services
VII. Metasploit Framework Basics
VIII. Meterpreter Basics
Table of Contents
• Payload: The code that runs after exploitation; it transmits data or performs other actions automatically, according to its purpose
• Exploit: Code that allows an attacker to take advantage of a vulnerable system
• Vulnerability: A weakness that allows an attacker to break into or compromise a system’s security
Understanding Basic MSF & Terms
1- Vulnerability 2- Exploit 3- Payload
Robber
Vulnerable House
Understanding Basic MSF & Terms
How does exploitation work?
Exploit + Payload
Upload/Download data, malware, rootkit, ...
The exploit runs first; if it succeeds, the payload runs next
How does exploitation work?
- Scan ports and services running on that target IP
- Identify a vulnerable service and a known or private exploit for it
- Compromise, launch exploit, exploitation plan
Common Steps of a Compromise
- Scan a machine using tools like “nmap”
- Use a port scanner to scan for ports and services running on the remote system
- Service scanning identifies versions at the same time
Scan for Ports and Services
- Tool for development and testing of vulnerabilities
- Can be used for:
  - Penetration testing
  - Exploit research
  - Developing IDS signatures
- Started by H. D. Moore, 2003 (Perl)
- Was rewritten in Ruby, 2007
- Acquired by Rapid7, 2009
- Open source and free to use
- 770+ tested exploits
- Over 228 payloads
Metasploit Basics
Commands in detail in the demonstration (vulnerability in RPC DCOM (MS03_026))
- Scan a machine using tools like “nmap”
- root@khnog# nmap -v -n [Target-IP]
- root@khnog# nmap -sV -n [Target-IP]
- root@khnog# gcc dcom -o dcom (compile file)
- root@khnog# ./dcom [target-ID] [target-IP]
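Added example (not part of the original slides): for the defensive side of the scanning step, this Python script parses grepable output from `nmap -sV -n -oG -` run against your own hosts and lists those with the RPC ports relevant to MS03_026 open, so they can be checked for patching and filtering. The sample scan output, the addresses and the default port set (TCP 135, 139, 445, 593) are constructed assumptions.

```python
import re

# TCP ports through which the RPC/DCOM interface is reachable; this default
# set is an assumption of the example, adjust it to your own filtering policy.
RPC_DCOM_PORTS = {135, 139, 445, 593}

# Constructed sample of `nmap -sV -n -oG -` output (documentation addresses).
SAMPLE_GNMAP = """\
# Nmap scan (constructed sample)
Host: 192.0.2.1 ()\tStatus: Up
Host: 192.0.2.1 ()\tPorts: 22/open/tcp//ssh//OpenSSH 8.9/, 80/open/tcp//http//nginx/\tIgnored State: closed (998)
Host: 192.0.2.5 ()\tPorts: 135/open/tcp//msrpc//Microsoft Windows RPC/, 139/open/tcp//netbios-ssn///, 3389/filtered/tcp//ms-wbt-server///\tIgnored State: closed (997)
Host: 192.0.2.6 ()\tPorts: 135/closed/tcp//msrpc///, 445/open/tcp//microsoft-ds//Windows XP microsoft-ds/
"""

def parse_gnmap(text):
    """Yield (host, port, proto, state, service, version) for every port entry."""
    for line in text.splitlines():
        m = re.match(r"Host: (\S+) .*?\tPorts: ([^\t]*)", line)
        if not m:
            continue  # comment lines and "Status:" lines carry no port list
        host, ports = m.groups()
        for entry in re.split(r"(?<=/), ", ports):
            f = entry.strip().split("/")  # port/state/proto/owner/service/rpcinfo/version/
            if len(f) < 7 or not f[0].isdigit():
                continue
            yield host, int(f[0]), f[2], f[1], f[4], f[6]

def exposed_rpc(text, ports=RPC_DCOM_PORTS):
    """Map host -> sorted list of open TCP ports that are in `ports`."""
    hits = {}
    for host, port, proto, state, _svc, _ver in parse_gnmap(text):
        if proto == "tcp" and state == "open" and port in ports:
            hits.setdefault(host, []).append(port)
    return {h: sorted(p) for h, p in hits.items()}

if __name__ == "__main__":
    for host, open_ports in exposed_rpc(SAMPLE_GNMAP).items():
        print(f"{host}: RPC reachable on tcp {open_ports}; verify MS03_026 patch and filtering")
```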