Spying on your victim with Screenspy of Metasploit in Ubuntu!


Screenspy is a feature in Meterpreter which allows you to view what your targeted host is doing on their workstation.  It captures images on the targeted host, sends them back to you at a set interval (in seconds), and you view them on your local machine as if they were live.

Source: http://eromang.zataz.com/2011/02/08/metasploit-meterpreter-screenshot-and-screenspy-stdapi/

KARMA + Metasploit Framework 3 == Karmetasploit


Background

In 2004 Dino Dai Zovi and Shane Macaulay presented All Your Layer Are Belong To Us at Pacsec in Tokyo. This presentation focused on the insecure behavior of wireless clients. Accompanying the presentation was a tool called KARMA (KARMA Attacks Radioed Machines Automatically). This tool acts as a wireless access point and responds to all probe requests from wireless clients. Once a client has associated with the KARMA access point, every service they try to access leads to a malicious application. The services side of KARMA was written in Ruby, making it a perfect match for integration with version 3 of the Metasploit Framework.


Finding the right vulnerability and exploit from Nessus report in Metasploit


If you have trouble setting up a database in Metasploit, see here.

Once you have already scanned your target using Nessus, download the report as a .nessus file.  Run Metasploit and select the .nessus file with db_import /path/to/nessus/file.nessus.  I am running Metasploit framework-3.6.0 while my Nessus is 4.4.1 on Ubuntu 8.04 32bit.  Basically I got this file from either my friend or professor, so I did not realize that it was actually Ubuntu 8.04.  It worked, so I'm going to stick with it till the end of the month.  To get the latest version of Nessus, click here.  Agree to the license agreement before proceeding.

Next, type db_autopwn -x -t to see the available exploits for the references we added earlier (from the .nessus file).  You will see something similar to the result below.  Please be reminded that I am using Ubuntu 10.10.

With the result above, you can now use the available vulnerabilities listed.  This is much simpler than analyzing the Nessus report by hand: Metasploit automatically checks which vulnerabilities from the report it has matching exploits for, so you don't have to spend time finding the right exploit name or ID.  Always test with the given permission, never test this on another computer without the authority to do it, especially when you are in an organization.  You never know what kind of trouble you could get into.
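To show what db_import actually reads from the .nessus file and what the matching step in db_autopwn -x compares, here is an added example (not from the original post or from Metasploit) that parses a constructed .nessus v2 report and looks its CVE references up in a constructed reference table; the host, plugin IDs, CVE numbers and module names are all placeholders.

```python
# Added example: parse a constructed .nessus (v2) report and match its CVE
# references against a local table, the way db_import + db_autopwn -x do.
# Everything below (host, plugins, CVEs, module names) is constructed/placeholder.
import xml.etree.ElementTree as ET

SAMPLE_NESSUS = """<NessusClientData_v2>
  <Report name="lab-scan">
    <ReportHost name="192.0.2.10">
      <ReportItem port="445" svc_name="cifs" protocol="tcp" severity="4"
                  pluginID="100001" pluginName="Constructed SMB finding">
        <cve>CVE-0000-0001</cve>
        <cve>CVE-0000-0002</cve>
      </ReportItem>
      <ReportItem port="80" svc_name="www" protocol="tcp" severity="0"
                  pluginID="100002" pluginName="Constructed HTTP banner finding"/>
    </ReportHost>
  </Report>
</NessusClientData_v2>"""

# Constructed reference table (placeholder module name, not a real module path).
REFERENCE_MAP = {
    "CVE-0000-0002": "exploit/placeholder/constructed_smb_module",
}

def parse_nessus(xml_text):
    """Return findings as (host, port, severity, plugin_id, [cve refs])."""
    root = ET.fromstring(xml_text)
    findings = []
    for host in root.iter("ReportHost"):
        for item in host.iter("ReportItem"):
            cves = [c.text.strip() for c in item.findall("cve") if c.text]
            findings.append((host.get("name"), int(item.get("port")),
                             int(item.get("severity")), item.get("pluginID"), cves))
    return findings

def match_findings(findings, reference_map, min_severity=1):
    """Map each finding's CVE references to known modules, skipping info-level items."""
    matches = []
    for host, port, severity, plugin_id, cves in findings:
        if severity < min_severity:  # Nessus severity 0 = informational
            continue
        for cve in cves:
            if cve in reference_map:
                matches.append((host, port, cve, reference_map[cve]))
    return matches

if __name__ == "__main__":
    for m in match_findings(parse_nessus(SAMPLE_NESSUS), REFERENCE_MAP):
        print("%s:%d %s -> %s" % m)
```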

Not familiar with Nessus itself?  See here!

If you are not familiar with Nessus, you can execute it right from Msfconsole!  Offensive-security.com explains more here.

And a few related offensive-security.com links that are pretty useful:
1.) Metasploit Unleashed
2.) Nessus via Msfconsole
3.) SMB Login Check
4.) Vulnerability Scanning
5.) Working with Nessus

Other available resources

1.) Owning with Nessus and Metasploit
2.) Tenable Nessus
3.) Installing the Metasploit Project
4.) Everything Nessus
5.) Everything Metasploit

Creating database user for postgresql in Metasploit


I'm sure many of you would have trouble going through this stage if you are trying to set up the database within Metasploit.  I'm definitely one of them, and I had trouble with it all the while until today.  I'm not entirely sure whether the solution I'm giving is correct, but I believe it should be, so I'm writing this quickly and will alter it when I'm done!

Please be reminded that I am doing this on an Ubuntu machine.
Please check the source link for now.


Source: http://dev.metasploit.com/redmine/projects/framework/wiki/Postgres_setup
General: http://dev.metasploit.com/redmine/projects/framework/wiki/Setting_Up_a_Database
Other: http://www.offensive-security.com/metasploit-unleashed/Configuring_Databases

Nessus + Metasploit = db_autopwn


Have you ever wanted to use one line of code that can do all the wonders of hacking for you, e.g. entering a remote computer in your network without the target knowing?  Or remotely installing a program on the computer and running it without their consent?  Wondering which exploit in Metasploit matches the vulnerability you have found using Nessus?

Enter the world of combining Metasploit and Nessus.  By linking them together, you can now run a single command in Metasploit that does both at the same time!

Installing The Metasploit Project


Basically my current module in university requires me to get in touch with Metasploit, so here is one of the links that helped me install it on my Ubuntu 10.10 Maverick Meerkat.  Read more to learn how to install and update Metasploit and see a quick sample of how to use it.


Penetration Testing | The Metasploit Project


Do you know what Metasploit is?  Have you ever used it?  Metasploit is one of the most useful penetration testing tools used by security specialists to look for vulnerabilities in a system.  If you are a hacker, this is a must-learn tool for you.  If you are a penetration tester, this is a must-have tool for finding weaknesses in your own system and preventing hackers from entering.  Metasploit works on both Windows and Linux; although I believe most users would be on Windows, professionals often use Linux for this task.  Visit their homepage here.  Speaking of the word hacker, I was enlightened by one of my professors at my university a few days back; let me write it out in a new post :).