 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
|
|
Tools:
Pen Testing Framework:
Information:
|
Metasploit 3 The Metasploit Framework is a development platform for creating security tools and exploits. The framework is used by network security professionals to perform penetration tests, system administrators to verify patch installations, product vendors to perform regression testing, and security researchers world-wide. The framework is written in the Ruby programming language and includes components written in C and assembler.
The Metasploit Framework consists of tools, libraries, modules, and user interfaces. The basic function of the framework is a module launcher, allowing the user to configure an exploit module and launch it at a target system. If the exploit succeeds, the payload is executed on the target and the user is provided with a shell to interact with the payload.
Installation:
Windows - Simply double-click on the executable.
Unix - Requires ruby to be installed prior to extraction and compilation
yum install ruby ruby-irb ruby-libs ruby-rdoc ruby-devel readline rubygems gem install -v=1.2.2 rails For online updates, subversion also requires to be installed Updates can be run and will install via svn utilising the command msfupdate.cmd.
It is available from here. Execution:Open the Metasploit shortcut which will start a command prompt that automatically opens your default web browser. Alternatively, using command-line, msfweb.cmd will start the same process
The screen above shows the console and exploits gui already opened. The following is a simple exploitation of a Windows NT 4 server via the console: >> use windows/dcerpc/ms03_026_dcom |
||||||||||||||||||||||||||||||||||||||||||||||||
| © VulnerabilityAssessment.co.uk Thursday September 13, 2007 | |||||||||||||||||||||||||||||||||||||||||||||||||
| html hit counter |
