Metasploit



I had hoped to do an article on metasploit in the not too distant future, but not as early as tonight…. However, I’ve made a couple of references to it in previous posts which, well, it would be nice if I’d already given a bit of information about metasploit in general. For starters, metasploit is considered a “framework” for exploit modules and payload modules. Much like real weapons, knives, guns…. there are good uses and there are bad uses. It can be used by a network/security auditor to check for vulnerable systems. It could also be used by a cracker to exploit systems remotely. There’s a fine line.


In recent days, there’s been some controversy (and this will always be…) over metasploit’s handling of a new variation on the wmf exploit. This new improved exploit was released for the metasploit framework before a patch was available and in many people’s view that is just irresponsible. However, one point of view is that the tool is available to anyone, defender or attacker and that has made it an open process. It’s certainly better that the exploit is open and known as opposed to it requiring reverse engineering to see how it works…

Metasploit, once downloaded, can be updated from the command line via msfupdate, or it can be run from the command line or in an interactive shell. I’ve found the web interface most useful. That can be started by running msfweb. Metasploit is then found by opening http://localhost:55555 in a browser window.

It’s important to know where the fine line is… vulnerability testing of any sort is something that should be done ONLY on machines that you control and own, and if it’s a network based scan it should be done with permission from someone in authority over that network, or only on your own network.

If you’re curious about these things and want something to test with, use a virtual machine like qemu, or set up a home network and learn on your own equipment!

I’ve been using the web interface of the metasploit framework as well as online samples of the WMF exploit to test a couple of virtual machines. (Primarily a Win98 SE VM). In the case of this testing, you can use it on a LAN to test for vulnerable machines. Select the current WMF exploit from the list on the main page, select the default target, (2000, XP, Vista), for payload you would probably want command execution (win32_exec) and choose a safe program like calc.exe (give the full path.) Then you can open up the web browser on the machines to be tested to the lan machine hosting metasploit (and make sure to add the port number that the exploit is being served on.) If calc.exe runs (assuming you’ve given correct naming and path information and you’ve done everything else right), you’re vulnerable.

It’s very easy to do, especially through the web interface. Some would say too easy. Know where the fine line is….

Related Posts

Blog Traffic Exchange Related Posts
  • iScsi and AoE with linux A few days ago I had reason to investigate iscsi and AoE (ata over ethernet). Both are protocols for sharing a physical drive over the network at the block level. Let me put it in context first. Traditional network file shares have been done like this.... Computer A has a......
  • Network Security - Hub or Switch? So, for those that have a little bit of knowledge about network hardware, you've probably heard this. "You can't sniff switched networks".... wrong.... let's see what this is about. Older networking hardware was dominated by what's called a hub. This was basically a "dumb" device that when it received data,......
  • Network Security guide for the home or small business network - Part 20 heterogeneous networks One thing I've already mentioned in this serious is using alternative programs like Mozilla Firefox instead of Internet Explorer, or Thunderbird, Eduora instead of Outlook Express. Even if you're not using alternative software as your primary web browser, email program there are advantages to having networks with mixed software, operating......
Blog Traffic Exchange Related Websites
  • Technorati Tracks Blog Traffic Exchange Effect Technorati is a online website community that is focused specifically on weblogs, and it can be extremely beneficial to register your blog with Technorati. Knowing how you can benefit from everything that Technorati has to offer is an important first step in getting the most out of your web presence.......
  • D-Link Announced 2 new 2-Bay Network Storage Devices Two new Network Storage Devices from D-Link D-Link today announced that its ShareCenter® 2-Bay Network Storage devices, the DNS-320 and DNS-325, are now available. Building off of the successful DNS-321 and DNS-323, the new DNS-320 and DNS-325 provide centralized storage, enabling consumers to easily share documents, files and digital media......
  • Recommendations On Selecting The Best Network Monitoring Software For Your Business If you plan on buying software for network monitoring, there are some things you should remember about, which will help you choose the best program to fit your needs and your company. This will also allow you run your company smoothly and will increase the productivity. So, here are some......
PDF24    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site