6 min
Metasploit
Cisco IOS Penetration Testing with Metasploit
The Metasploit Framework and the commercial Metasploit products have always
provided features for assessing the security of network devices. With the latest
release, we took this a step further and focused on accelerating the penetration
testing process for Cisco IOS devices. While the individual modules and
supporting libraries were added to the open source framework, the commercial
products can now chain these modules together to quickly compromise all
vulnerable devices on the network. The sc
2 min
Metasploit
Sesame Open: Auditing Password Security with Metasploit 3.5.1
Secret passwords don't only get you into Aladdin's cave or the tree house, but
also into corporate networks and bank accounts. Yet, they are one of the weakest
ways to protect access. Sure, there are better ways to secure access, such as
smart cards or one-time password tokens, but these are still far from being
deployed everywhere although the technology has matured considerably over the
past years. Passwords are still the easiest way into a network.
The new Metasploit version 3.5.1 adds a l
4 min
Exploits
Setting Up a Test Environment for VPN Pivoting with Metasploit Pro
Penetration testing software only shows its true capabilities on actual
engagements. However, you cannot race a car before you've ever sat in the
driver's seat. That's why in this article I'd like to show you how to set up a
test environment for VPN pivoting, a Metasploit Pro
[https://www.rapid7.com/products/metasploit/download/] feature for intermediate
and advanced users recently described in this post
[https://community.rapid7.com/blogs/rapid7/2010/11/08/how-vpn-pivoting-creates-an-undetectab
1 min
Metasploit
Turning Your World Upside Down: Metasploit Ambigram Tattoos
Bill Swearingen aka hevnsnt blew us away by designing
a Metasploit ambigram for the Metasploit Pro tattoo
contest
You may remember Roy's Metasploit tattoo
[https://community.rapid7.com/blogs/rapid7/2010/11/01/we-weren-t-joking-when-we-said-tattoos]
a few weeks ago, which prompted our Metasploit Pro
[http://www.rapid7.com/products/metasploit-pro.jsp] tattoo competition. We
thought it was a cute idea, expecting a few fun pictures with felt pen tattoos
or tattoo photo montages of of the Metas
2 min
Metasploit
How VPN pivoting creates an undetectable local network tap
Let's assume your goal for an external penetration test is to pwn the domain
controller. Of course, the domain controller's IP address is not directly
accessible from the Web, so how do you go about it? Seasoned pentesters already
know the answer: they compromise a publicly accessible host and pivot to other
machines and network segments until they reach the domain controller. It's the
same concept as a frog trying to cross a pond by jumping from lily pad to lily
pad.
If you have already
2 min
Awards
We weren't joking when we said "tattoos"!
Be careful what we wish for: In 2006, HD Moore wrote a blog post
[/2006/08/27/metasploit-framework-30-beta-2] about a redesign of the Metasploit
Project, announcing that the new graphics “will be featured on tee shirts,
posters, and tattoos over the coming year.” Well, you guys took a little longer
than we thought but we now have our first Metasploit tattoo!
Initially, we thought Roy Morris (aka @soundwave1234
[http://twitter.com/soundwave1234]) was joking when he tweeted to @hdmoore
[htt
2 min
Exploits
Take an Earlier Flight Home with the New Metasploit Pro
We love it, our beta testers loved it, and we trust you will as well: today
we're introducing Metasploit Pro
[http://www.rapid7.com/products/metasploit-pro.jsp], our newest addition to the
Metasploit family, made for penetration testers who need a bigger, and better,
bag of tricks.
Metasploit Pro provides advanced penetration testing
capabilities, including web application exploitation and social
engineering.
The feedback from our beta testers has been fantastic, most people loved how
easily
1 min
Metasploit
Metasploit Framework 3.4.1 Released!
The Metasploit Project is proud to announce the release of the Metasploit
Framework version 3.4.1. As always, you can get it from our downloads page
[http://www.metasploit.com/framework/download/], for Windows or Linux. This
release sees the first official non-Windows Meterpreter payload, in PHP as
discussed last month [/2010/06/14/meterpreter-for-pwned-home-pages]. Rest
assured that more is in store for Meterpreter on other platforms. A new
extension called Railgun
[http://mail.metasploit.c
3 min
Metasploit
Approaching Metasploit 3.4.0 and Metasploit Express
Since mid-December, the Metasploit team has been working non-stop towards
version 3.4.0 of the Metasploit Framework. The final release is still scheduled
for mid-May, but I wanted to share some of the upcoming features, available
today from the development tree. Version 3.4.0 includes major improvements to
the Meterpreter payload, the expansion of the framework's brute force
capabilities, and the complete overhaul of the backend database schema and event
subsystem. In addition, more than 60 exp
3 min
Metasploit
Metasploit Framework 3.3.3 Exploit Rankings
This morning we released version 3.3.3
[http://www.metasploit.com/framework/download/] of the Metasploit Framework -
this release focuses on exploit rankings
[https://community.rapid7.com/docs/DOC-1034], session automation, and bug fixes.
The exploit rank indicates how reliable the exploit is and how likely it is for
the exploit to have a negative impact on the target system. This ranking can be
used to prevent exploits below a certain rank from being used and limit the
impact to a particular t
8 min
Metasploit
Metasploit 3.0 Automated Exploitation
A recurring theme in my presentations about Metasploit 3.0 is the need for
exploit automation. As of tonight, we finally have enough code to give a quick
demonstration :-)
Metasploit 3 uses the ActiveRecord
[http://wiki.rubyonrails.org/rails/pages/ActiveRecord] module (part of RoR
[http://rubyonrails.org/]) to provide an object-oriented interface to an
arbitrary database service. Database support is enabled by installing RubyGems
[http://www.rubygems.org/], ActiveRecord ("gem install activerec
4 min
Metasploit
Post-Exploitation Fun in Metasploit 3.0
So what does it mean when we talk about all the cool automation support that
Metasploit 3.0 has? Well, the answer is fairly broad. It means you can implement
plugins and other tools that can be used to extend and automate a number of
features included in the framework. By virtue of this fact, it means that you
can extend and automate one of the areas that I personally find the most
interesting: post-exploitation payloads. Spoonm and I recently completed a tour
of duty describing some of the coo