With the arrival of Metasploit Framework Version 3.0 (MSF 3.0), the entire approach to information security testing is likely to be revolutionalized. MSF 3.0 is not only an exploit platform but also a security tool development platform. This book introduces the reader to the main features of the tool, outlines the steps for its installation, and discusses how to use it to run exploits. The book also includes content on advanced usage to automate exploits and run custom payloads and commands on exploited systems. The book covers the entire gamut of security testing—recon modules to determine vulnerable hosts and interface with scanners such as Nmap and Nessus, exploits and payloads to attack the specific vulnerabilities, and post-exploitation goodies to stealthily own the system, and possibly the entire network.
Edición: Syngress (2007)
Idioma: Inglés
Formato: PDF
Contenido:
- Introduction to Metasploit
- Architecture, Environment, and Installation
- Metasploit Framework and Advanced Environment Configurations
- Advanced Payloads and Add-on Modules
- Adding New Payloads
- Case Study 1: RaXnet Cacti Remote Command Execution
- Case Study 2: Mercur Messaging 2005 SP3 IMAP Remote Buffer Overflow (CVE –2006-1255)
- Case Study 3: SlimFTPd String Concatenation Overflow
- Case Study 4: WS-FTP Server 5.03 MKD Overflow
- Case Study 5: MailEnable HTTP Authorization Header Buffer Overflow
- Appendix A: Advantages of Network Vulnerability Testing with Metasploit 3.0
- Appendix B: Building a Test Lab for Penetration Testing
- Appendix C: Glossary of Technology and Terminology
Descarga/Download
No hay comentarios:
Publicar un comentario