A Complete Tool For System Penetration Testing Presented By:- Mahesh Kumar Sharma B.Tech IV Year Computer Science Roll No. :- CS09047.

2 A Complete Tool For System Penetration Testing Presented By:- Mahesh Kumar Sharma B.Tech IV Year Computer Science Roll No. :- CS09047

3
- Tool for development and testing of vulnerabilities
- Can be used for:
  -- Penetration Testing
  -- Exploit Research
  -- Developing IDS Signatures
- Started by H.D. Moore in 2003
- Acquired by Rapid7
- Remains open source and free for use
- Written in Ruby

4 Overview Continued
- Over 1000+ tested exploits
- Over 253 payloads and 27 encoders!
- Metasploit offers “plug n play” of payloads with exploits
  -- This alone is a huge advantage
- Tons of other features for better and faster pentests

5 Overview Continued
- Runs on any operating system
  -- Source code for Linux/Unix/Mac OS X
  -- Portable to Windows via Cygwin
- Allows anyone to exploit and usually “root” certain machines with only an “IP address” and a basic background of the system
- Requires no knowledge of the software bug or of exploit machine code

6
- Vulnerability: a weakness which allows an attacker to break into or compromise a system’s security
- Exploit: code which allows an attacker to take advantage of a vulnerable system
- Payload: the actual code which runs on the system after exploitation
Exploit = Vulnerability + Payload

7
1. Vulnerability
2. Exploit
3. Payload

8 [Diagram: Attacker and Vulnerable computer]
2. Exploit runs first
3. Payload runs next, if the exploit succeeds

10 ACCESSING METASPLOIT
- Msfgui
- Msfweb
- Msfcli
- Msfconsole

11
- Interactive console for Metasploit
- Has tab completion
- External commands can be executed
- Best among the available interfaces to get the most out of Metasploit

12
- Dozens of exploits available
  -- Managing, updating and customizing them is a nightmare
- Customizing a payload may require rewriting the exploit program
  -- Time consuming, high skill required
- Testing and exploit research is tedious without a framework

13
- Individual payloads can only do single tasks
  - Add user
  - Bind shell to port
- Most exploits include a payload that creates a remote shell (command interpreter)
- Disadvantages
  - Creation of a new process may trigger an alarm
  - Limited by the commands the shell can run

14
- A payload which:
  - Avoids creation of a new process
  - Runs in the exploited process’ context
  - Does not create a new file on disk
  - Creates a “platform” which allows importing more functionality remotely (“extending”)
  - Allows for writing scripts which can leverage this platform

15 Important directories include:
- Modules
- Scripts
- Plugins
- Externals
- Data
- Tools

16
- Active evaluation of a system or network of systems
- Assume the role of a black hat hacker or “bad guy”
- Often uses the same tools as hackers

17
- Metasploit brings together many of the tools and techniques used by hackers

18 Understanding Windows Desktops
- Session 0 typically represents the console
  - Others represent remote desktop sessions
- A window station is an object containing a group of desktop objects, among other things
- WinSta0 is the only interactive window station in every session
  - Allows interaction with the user
  - Default: interacts with the logged-in user
  - Winlogon: while the user is logging on
- Each WinSta0 desktop has its own keyboard buffer
  - Sniffing logon passwords

19 Windows Security…
- Every user on a Windows system is identified by a unique Security Identifier (SID)
- A SID is of the form: S - Revision Level - Identifier Authority Value - domain or local ID - Relative ID
  e.g. S-1-5-21-3623811015-3361044348-30300820-1013
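The SID layout on the slide above, as an added Ruby example that is not part of the original presentation: it parses both the string form and the binary form stored in tokens and ACLs. The struct, the function names and the small RID table are this example's own choices, and treating every sub-authority before the RID as the slide's "domain or local ID" is an assumption.

```ruby
# Added illustration, not from the presentation: split a Windows SID into
# the fields named on the slide. All names here are this example's own.
SidParts = Struct.new(:revision, :authority, :sub_authorities) do
  # The last sub-authority is the Relative ID (RID).
  def rid
    sub_authorities.last
  end

  # Sub-authorities before the RID identify the domain or local machine.
  def domain_id
    sub_authorities[0...-1]
  end

  def to_s
    (["S", revision, authority] + sub_authorities).join("-")
  end
end

WELL_KNOWN_RIDS = { 500 => "Administrator", 501 => "Guest" }.freeze

# Parse the string form, e.g. "S-1-5-21-...-1013".
def parse_sid_string(text)
  m = /\AS-(\d+)-(\d+)((?:-\d+){1,15})\z/.match(text.strip)
  raise ArgumentError, "not a SID: #{text.inspect}" unless m
  subs = m[3].split("-").reject(&:empty?).map(&:to_i)
  raise ArgumentError, "sub-authority exceeds 32 bits" if subs.any? { |s| s > 0xFFFFFFFF }
  SidParts.new(m[1].to_i, m[2].to_i, subs)
end

# Parse the binary form: 1 byte revision, 1 byte sub-authority count,
# 6 bytes big-endian authority, then `count` little-endian 32-bit values.
def parse_sid_bytes(raw)
  raise ArgumentError, "truncated SID" if raw.bytesize < 8
  revision, count = raw.unpack("CC")
  raise ArgumentError, "length mismatch" unless raw.bytesize == 8 + 4 * count
  authority = raw.byteslice(2, 6).bytes.inject(0) { |acc, b| (acc << 8) | b }
  SidParts.new(revision, authority, raw.byteslice(8, 4 * count).unpack("V*"))
end

# Label the RID of an account SID (S-1-5-21-...); RIDs from 1000 up are
# assigned to accounts and groups created after installation.
def describe_rid(sid)
  return "not an account SID" unless sid.authority == 5 && sid.sub_authorities.first == 21
  WELL_KNOWN_RIDS.fetch(sid.rid) { sid.rid >= 1000 ? "created account or group" : "built-in principal" }
end
```

Run against the slide's example SID, `parse_sid_string` yields revision 1, authority 5 and RID 1013, and `parse_sid_bytes` returns the same fields from the 28-byte binary encoding.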

20 UNDERSTANDING TOKENS
[Diagram labels: User; Process; Thread 1, Thread 2, Thread 3; Primary Token; SID; Groups; Privileges; Other Info; Account; Required privileges]

21
- Metasploit is very powerful, and very dangerous
- This is a briefing of a demo I did on my own systems & network, not a “live” demo
- I used VMWare to isolate the operating system from other systems and the internet
- Use of this in any unauthorized way will get you fired/arrested/deported
