MIS 5212.001 Week 4 Site:


1 MIS 5212.001 Week 4 Site:

2
- Introduction
- In the news
- Live Demonstration of Exploits
- Live Demonstration of SET
- Building Modules in Metasploit
- Creating Exploits
- Porting Exploits
- Scripting
- Simulating Penetration Testing
- Next Week

3
- Submitted
  - er-security/the-end-for-1024bit-ssl-certificates-is-near-mozilla-kills-a-few-more.html
  - magazine.com/news/china-tech-companies-source-code/
  - intelligence/trend-micro-discovers-new-adobe-flash-zero-day-exploit-used-in-malvertisements/
  - mccarthy/five-colleges-with-data-b_b_ html

4
- Submitted
  - breaches/security-budgets-going-up-thanks-to-mega-breaches/d/d-id/
  - data/2015/02/apple-building-solar-powered-data-command-center/104400/?oref=ng-HPriver
  - window-to-enterprise-infection/d/d-id/

5
- What I noted
  - hammond-terrorist-watchlist-fbi/
  - amazon_taboola_microsoft_adplock_plus_unblock/
  - _to_flush_flash_if_you_havent_already_enough_is_enough/
  - ack_d_link/
  - arders_on_parking_lot_driveby_blitz/

6
- Feedback from students last week indicated a preference to go through last week's exploits live in class
- We will run through nmap of Metasploitable, the exploits from last week, and the Social Engineering Toolkit on my laptop

7
- Metasploit is primarily written in Ruby
- The book “Metasploit” also uses a lot of PowerShell in its examples
- We are not going to try and make you either Ruby or PowerShell developers here tonight
- Rather, we will look at some of the basic structure and steps you might go through to modify modules for your own purposes.

8
- Recall from Week 2, the Tomcat Exploit

9
- Explore Modules

10
- Here is what the start of this module looks like:

11
- The previous page has some interesting lines to consider
  - "require 'msf/core'"
    - Module will include all functionality from Metasploit's core libraries
  - "class Metasploit3 < Msf::Exploit::Remote"
    - Defines this as an “Exploit” module
  - "include Msf::Exploit::Remote::HttpClient"
    - Pulls in the HttpClient module that includes functionality to handle HTTP traffic

12
- Grab a module close to what you want to do
- Tweak it to get the functionality you need
- This may involve sharpening your coding skills first

13
- Depending on the Exploit, you may need to know:
  - MSSQL
  - Oracle
  - PowerShell
  - Bash
  - Etc…

14
- Modifying the tools is one of the distinguishing skills in top-flight consultants
- Lots of people can run nmap, Nessus, and Metasploit, but to distinguish yourself in the field, this needs to be your jumping off point.
- Please Note: I’m not saying I am any good at this, there’s a reason I’m teaching the course instead of consulting ;-)

15
- For Metasploit, scripting is basically modules for meterpreter
- Same concept as earlier, but specific to meterpreter sessions
- This is also a point where the book contains older information
  - Scripts are no longer being accepted for Metasploit
  - Script functionality is being ported to modules.

16
- Metasploit is constantly evolving
- To stay on top you may want to follow on Twitter:
  - HD
  - Metasploit
  - Andréz
- Check in on Rapid7 and DarkOperator
  - https://community.rapid7.com/welcome

17
- https://community.rapid7.com/community/metasploit/blog/2015/01/30/weekly-metasploit-wrapup

18
- pro

19

20
- We spent almost all of our time in the open source Metasploit Framework due to licensing
- Metasploit Pro looks just as good and works just as well as the commercial products just mentioned

21
- 1st Exam Covering Metasploit
- In the news
- Introduction to WebGoat

22
- ?

