Metasploit

World’s most used penetration testing software

Patator

Patator was written out of frustration from using Hydra, Medusa, Ncrack, Metasploit modules and Nmap NSE scripts for password guessing attacks. I opted for a different approach in order to not create yet another brute-forcing tool and avoid repeating the same shortcomings. Patator is a multi-threaded tool written in Python that strives to be more reliable and flexible than its fellow predecessors. More information about Patator: https://github.com/lanjelot/patator

Extract the passwd file with Metasploit, using an exploit for the vsftpd application, from PowerShell

Use the arbitrary command execution payload to run PowerShell

Open Metasploit and use the “windows/exec” payload (-p windows/exec) to run the powershell command (CMD="powershell") in a thread (EXITFUNC=thread), outputting the result as a PowerShell variable (-f powershell)

Variable for use in PowerShell


Introduction to Metasploit with PowerShell (Nmap)

Introduction to Metasploit with PowerShell (MSFconsole)

MSFvenom

msfvenom is a combination of Msfpayload and Msfencode, putting both of these tools into a single Framework instance. Note: msfvenom has replaced both msfpayload and msfencode as of June 8th, 2015. The advantages of msfvenom are: one single tool, standardized command-line options, and increased speed. More information: https://www.offensive-security.com/metasploit-unleashed/msfvenom/

Posh-SecModule

This module is a PowerShell v3 only module at the moment. The module is a collection of functions that I have found useful in my day-to-day work as a security professional. The functions are broken into functionality: Discovery: Perform network discovery. Parse: Parsers for Nmap, DNSRecon and other types of output files from security tools. PostExploitation: Functions to help in performing post-exploitation tasks. Registry: Collection of functions for manipulating the registry on remote hosts using WMI. Nessus: Collection of assemblies and functions for automating the Nessus Vulnerability Scanner. Utilities: General-purpose functions. Audit: Functions that may […]

Sqlninja

Fancy going from a SQL Injection on Microsoft SQL Server to a full GUI access on the DB? Take a few new SQL Injection tricks, add a couple of remote shots in the registry to disable Data Execution Prevention, mix with a little Perl that automatically generates a debug script, put all this in a shaker with a Metasploit wrapper, shake well and you have just one of the attack modules of sqlninja! Sqlninja is a tool targeted to exploit SQL Injection vulnerabilities on a web application that uses Microsoft SQL Server as its back-end. Its main goal is to […]