Metasploit



I had hoped to do an article on metasploit in the not too distant future, but not as early as tonight…. However, I’ve made a couple of references to it in previous posts, so it would be nice to have already given a bit of information about metasploit in general. For starters, metasploit is considered a “framework” for exploit modules and payload modules. Much like real weapons, knives, guns…. there are good uses and there are bad uses. It can be used by a network/security auditor to check for vulnerable systems. It could also be used by a cracker to exploit systems remotely. There’s a fine line.


In recent days, there’s been some controversy (and there always will be…) over metasploit’s handling of a new variation on the WMF exploit. This new, improved exploit was released for the metasploit framework before a patch was available, and in many people’s view that is just irresponsible. However, one point of view is that the tool is available to anyone, defender or attacker, and that has made it an open process. It’s certainly better that the exploit is open and known, as opposed to requiring reverse engineering to see how it works…

Metasploit, once downloaded, can be updated from the command line via msfupdate, and it can be run from the command line or in an interactive shell. I’ve found the web interface most useful. That can be started by running msfweb; the interface is then reached by opening http://localhost:55555 in a browser window.

It’s important to know where the fine line is… vulnerability testing of any sort is something that should be done ONLY on machines that you control and own, and if it’s a network based scan it should be done with permission from someone in authority over that network, or only on your own network.

If you’re curious about these things and want something to test with, use a virtual machine like qemu, or set up a home network and learn on your own equipment!

I’ve been using the web interface of the metasploit framework as well as online samples of the WMF exploit to test a couple of virtual machines (primarily a Win98 SE VM). For this kind of testing, you can use it on a LAN to test for vulnerable machines. Select the current WMF exploit from the list on the main page, select the default target (2000, XP, Vista), for the payload you would probably want command execution (win32_exec), and choose a safe program like calc.exe (give the full path). Then open the web browser on each machine to be tested and point it at the LAN machine hosting metasploit (making sure to include the port number the exploit is being served on). If calc.exe runs (assuming you’ve given the correct name and path and done everything else right), that machine is vulnerable.
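A defender-side check to go alongside the testing above, added here as an example and not code from the original post or from the metasploit framework: it walks the records of a WMF file and flags any Escape record whose sub-function is SETABORTPROC, the escape the WMF exploit relies on. The sample files, the build_wmf helper and the low-byte comparison (assuming GDI's record dispatcher ignores the high byte of the function code) are my own assumptions, not anything taken from the post.

```python
import struct

# WMF record constants: Escape, its SETABORTPROC sub-function, EOF, placeable-header magic
META_ESCAPE = 0x0626
META_EOF = 0x0000
ESC_SETABORTPROC = 0x0009
PLACEABLE_MAGIC = 0x9AC6CDD7

def iter_wmf_records(data):
    """Yield (function, params) for each record in a WMF byte string."""
    off = 0
    if len(data) >= 4 and struct.unpack_from('<I', data, 0)[0] == PLACEABLE_MAGIC:
        off = 22  # skip the 22-byte Aldus placeable header
    if len(data) < off + 18:
        raise ValueError('too short to hold a METAHEADER')
    header_words = struct.unpack_from('<H', data, off + 2)[0]  # HeaderSize, in words
    off += header_words * 2
    while off + 6 <= len(data):
        size_words, func = struct.unpack_from('<IH', data, off)  # RecordSize, RecordFunction
        if size_words < 3: break  # a record is at least size + function = 3 words
        end = min(off + size_words * 2, len(data))
        yield func, data[off + 6:end]
        if func == META_EOF: break
        off = end

def find_setabortproc(data):
    """Return indices of records carrying a SETABORTPROC escape."""
    hits = []
    for idx, (func, params) in enumerate(iter_wmf_records(data)):
        # Assumption: GDI dispatches on the low byte of the function code, so compare only that
        if (func & 0xFF) == (META_ESCAPE & 0xFF) and len(params) >= 2:
            if struct.unpack_from('<H', params, 0)[0] == ESC_SETABORTPROC:
                hits.append(idx)
    return hits

def build_wmf(records):
    """Assemble a minimal standard WMF from (function, params) pairs (constructed test data)."""
    body = b''.join(struct.pack('<IH', (6 + len(p)) // 2, f) + p for f, p in records)
    body += struct.pack('<IH', 3, META_EOF)
    max_rec = max([(6 + len(p)) // 2 for _, p in records] + [3])
    header = struct.pack('<HHHIHIH', 1, 9, 0x0300, (18 + len(body)) // 2, 0, max_rec, 0)
    return header + body

# Constructed samples: a benign file and two that carry the SETABORTPROC escape
SETBKCOLOR = (0x0201, struct.pack('<I', 0x00FFFFFF))
ESCAPE_PARAMS = struct.pack('<HH', ESC_SETABORTPROC, 4) + b'\x00' * 4
BENIGN_WMF = build_wmf([SETBKCOLOR])
SUSPECT_WMF = build_wmf([SETBKCOLOR, (META_ESCAPE, ESCAPE_PARAMS)])
EVASIVE_WMF = build_wmf([(0x1126, ESCAPE_PARAMS)])  # high byte of the function code altered
```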

It’s very easy to do, especially through the web interface. Some would say too easy. Know where the fine line is….
