The Metasploit Framework
By Elhamer Oussama Abdelkhalek
Contents:
• Introduction:
  I. Basics.
  II. Running an attack the old-fashioned way.
  III. Overview of the Metasploit project and framework.
  IV. Running the same attack using Metasploit.
• Metasploit overview and basic framework usage.
  I. Metasploit architecture.
  II. Consoles.
• Meterpreter basics and overview.
Exploitation!
• Vulnerability: a weakness that allows an attacker to break into a system's security.
• Exploit: code that allows an attacker to take advantage of a vulnerable system.
• Payload: code that runs on the system after exploitation.
- Vulnerability
- Exploit
- Payload
1. The exploit runs first.
2. The payload runs next, if the exploit succeeds.
[Diagram: Vulnerable System and Attacker; the attacker sends Exploit + Payload to the vulnerable system; afterwards data download, uploading malware, ...]
Run an Exploit the Old-Fashioned Way
• The vulnerability: RPC DCOM, the buffer overflow in the RPC interface;
• The exploit and the payload are available;
The Problem!
• A lot of exploits!
• Hard to customize the payload.
• Testing exploit research is painful!
• Metasploit is a shortcut.
What Is Metasploit?
• Metasploit has come to be synonymous with the Metasploit Framework.
• The Metasploit Project, whose goal is to provide information that will be useful in:
  I. Penetration testing.
  II. IDS signatures.
  III. Exploit research.
• Developed by H.D. Moore in 2003, then acquired by Rapid7.
• Primarily written in Perl,
• then rewritten in Ruby ("the largest program ever written in Ruby")!
• The framework is an open-source platform for developing, testing and using exploit code.
• The current "stable" version is version 4.
• Similar to the commercial products Canvas (Immunity) and Impact (Core).
Benefits
• Over 600 tested exploits and 200 payloads!
• Plug and play of payloads with exploits:
  - matching the payload with the exploit;
  - trying different payloads with the same exploit code.
• Lots of tools and features for better and faster pentests.
Using Metasploit
• show – list the available modules (exploits, payloads, etc.)
• use – select a specific exploit module
• set – set specific variables (case sensitive)
  • RHOST – remote host (the system being attacked)
  • PAYLOAD – the payload to carry
  • LHOST – local host (for phone-home attacks, i.e. reverse shells)
• exploit – run the exploit.
• RPC DCOM using Metasploit.
Using Metasploit :
Metasploit Architecture:
Meterpreter
• What we are looking for is a payload which:
  - avoids creating a new process;
  - runs in the exploited process's context;
  - does not create a new file on disk;
  - can import more functionality (extensible) and is not limited to the commands of the created remote shell.
• That is exactly what Meterpreter does!
Meterpreter Basics
• Post-exploitation tool.
• Works by using in-memory DLL injection.
• Does not create any files on disk.
• Uses encrypted communication between client and attacker.
• Stable, flexible and extensible!
• Can be extended at runtime by shipping DLLs to the victim.
How It Works
• When the exploit succeeds:
• Exploit and run the first payload.
• The payload connects back to MSF.
• The second-stage DLL-injection payload is sent.
• MSF sends the Meterpreter server DLL.
• Client and server communicate.
Using Meterpreter
• DEMO
Client-Server Communication in Meterpreter
• The communication is encrypted.
• It is in the form of TLVs (Type-Length-Value).
• So multiple channels of communication can use the same client-server connection.
• This allows multiple programs running on the victim to communicate at the same time.
• Demo.
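As an added example (not code from the talk or from Metasploit itself), the Python below encodes and decodes the TLV framing the slides describe, showing how two channels share one connection and how a parser rejects truncated packets. It assumes an 8-byte header (4-byte big-endian length that counts the header, then a 4-byte type); the type codes are constructed for the demo, not Meterpreter's own constants.

```python
import struct

# Added example: a minimal encoder/decoder for TLV framing, showing how two
# channels are multiplexed over one connection. Assumed layout: 4-byte
# big-endian length (counting this 8-byte header), 4-byte big-endian type,
# then the value; a packet is itself a TLV whose value is a list of nested
# TLVs. The type codes below are constructed for this demo, not Meterpreter's
# own constants. In a live session the stream is additionally encrypted, so
# this covers the plaintext layer only.
TLV_METHOD = 0x01        # command name, NUL-terminated string
TLV_CHANNEL_ID = 0x02    # 32-bit channel number
TLV_CHANNEL_DATA = 0x03  # raw bytes carried on that channel
PACKET_REQUEST = 0x10    # outer packet type

HEADER = struct.Struct(">II")


def encode_tlv(tlv_type, value):
    """Frame one value; str is NUL-terminated, int becomes a 32-bit uint."""
    if isinstance(value, str):
        value = value.encode("utf-8") + b"\x00"
    elif isinstance(value, int):
        value = struct.pack(">I", value)
    return HEADER.pack(HEADER.size + len(value), tlv_type) + value


def decode_tlvs(buf):
    """Split buf into (type, raw_value) pairs, rejecting truncated or
    out-of-range lengths instead of reading past the buffer."""
    items = []
    offset = 0
    while offset < len(buf):
        if len(buf) - offset < HEADER.size:
            raise ValueError("truncated TLV header at offset %d" % offset)
        length, tlv_type = HEADER.unpack_from(buf, offset)
        if length < HEADER.size or offset + length > len(buf):
            raise ValueError("bad TLV length %d at offset %d" % (length, offset))
        items.append((tlv_type, buf[offset + HEADER.size:offset + length]))
        offset += length
    return items


def build_channel_packet(channel_id, data):
    """One request packet carrying data for a single channel."""
    body = (encode_tlv(TLV_METHOD, "core_channel_write")
            + encode_tlv(TLV_CHANNEL_ID, channel_id)
            + encode_tlv(TLV_CHANNEL_DATA, data))
    return encode_tlv(PACKET_REQUEST, body)


def demux_stream(stream):
    """Walk back-to-back packets and reassemble each channel's data in order;
    this per-packet channel id is what lets several programs share one link."""
    channels = {}
    for packet_type, body in decode_tlvs(stream):
        if packet_type != PACKET_REQUEST:
            raise ValueError("unexpected packet type 0x%x" % packet_type)
        fields = dict(decode_tlvs(body))
        channel_id = struct.unpack(">I", fields[TLV_CHANNEL_ID])[0]
        channels[channel_id] = channels.get(channel_id, b"") + fields[TLV_CHANNEL_DATA]
    return channels


def demux_or_none(stream):
    """Same as demux_stream but returns None for a malformed stream."""
    try:
        return demux_stream(stream)
    except (ValueError, KeyError):
        return None


if __name__ == "__main__":
    # Constructed sample: channels 1 and 2 interleaved on one stream.
    sample = (build_channel_packet(1, b"hello ")
              + build_channel_packet(2, b"world")
              + build_channel_packet(1, b"again"))
    print(demux_stream(sample))        # {1: b'hello again', 2: b'world'}
    print(demux_or_none(sample[:-3]))  # None: last packet is truncated
```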
BSides Algiers - Metasploit framework - Oussama Elhamer