Search icon
Subscription
0
Cart icon
Close icon
You have no products in your basket yet
Save more on your purchases!
Savings automatically calculated. No voucher code required
Arrow left icon
All Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Newsletters
Free Learning
Arrow right icon
$9.99 | ALL EBOOKS & VIDEOS
Over 7,000 tech titles at $9.99 each with AI-powered learning assistants on new releases
Mastering Metasploit - Fourth Edition
Mastering Metasploit - Fourth Edition

Mastering Metasploit: Exploit systems, cover your tracks, and bypass security controls with the Metasploit 5.0 framework, Fourth Edition

By Nipun Jaswal
$35.99 $9.99
Book Jun 2020 502 pages 4th Edition
eBook
$35.99 $9.99
Print
$48.99
Subscription
$15.99 Monthly
eBook
$35.99 $9.99
Print
$48.99
Subscription
$15.99 Monthly

What do you get with eBook?

Product feature icon Instant access to your Digital eBook purchase
Product feature icon Download this book in EPUB and PDF formats
Product feature icon Access this title in our online reader with advanced features
Product feature icon DRM FREE - Read whenever, wherever and however you want
Buy Now

Product Details


Publication date : Jun 12, 2020
Length 502 pages
Edition : 4th Edition
Language : English
ISBN-13 : 9781838980078
Category :
Table of content icon View table of contents Preview book icon Preview Book

Mastering Metasploit - Fourth Edition

Chapter 1: Approaching a Penetration Test Using Metasploit

Penetration testing is an intentional attack on a computer-based system where the intention is to find vulnerabilities, security weaknesses, and certify whether a system is secure. A penetration test allows an organization to understand their security posture in terms of whether it is vulnerable to an attack, whether the implemented security is enough to oppose any invasion, which security controls can be bypassed, and much more. Hence, a penetration test focuses on improving the security posture of an organization.

Achieving success in a penetration test largely depends on using the right set of tools and techniques. A penetration tester must choose the right set of tools and methodologies to complete a test. While talking about the best tools for penetration testing, the first one that comes to mind is Metasploit. It is considered one of the most effective auditing tools to carry out penetration testing today. Metasploit...

Technical requirements

In this chapter, we made use of the following software and operating systems (OSes):

  • VMWare Workstation 12 Player for virtualization (any version can be used)/Oracle Virtual Box (throughout this book, we will use VMWare Workstation Player).
  • Ubuntu 18.03 LTS Desktop as a pentester's workstation VM with an IP of 192.168.188.128. You can download Ubuntu from https://ubuntu.com/download/desktop.
  • Windows 7 Ultimate 64-bit, version: 6.1.7601 Service Pack 1 Build 7601 as a target with IPs of 192.168.188.129 and 192.168.248.153 (any 64-bit Windows 7 release version prior to 2017).
  • Microsoft Windows Server 2008 R2 Enterprise 64-Bit, Version: 6.1.7601 Service Pack 1 Build 7601 as the domain controller with an IP of 192.168.248.10 (any Windows Server 2008/2012).
  • Metasploit 5.0.43 (https://www.metasploit.com/download).

Organizing a penetration test

When we think about conducting a penetration test on an organization, we need to make sure that everything works according to the penetration test standards. Therefore, if you feel you are new to penetration testing standards or uncomfortable with the term Penetration Testing Execution Standard (PTES), please refer to http://www.pentest-standard.org/index.php/PTES_Technical_Guidelines to become more familiar with penetration testing and vulnerability assessments.

In line with to PTES, the following diagram explains the various phases of a penetration test:

Figure 1.2 – Phases of a penetration test

Important Note

Refer to http://www.pentest-standard.org/index.php/Main to set up the hardware and systematic stages to be followed when setting up a work environment.

Before we start firing sophisticated and complex attacks with Metasploit, let's understand the various phases of a penetration test and learn...

Mounting the environment

A successful penetration test largely depends on how well your work environment and labs are configured. Moreover, a successful test answers the following set of questions:

  • How well is your test lab configured?
  • Are all the necessary tools for testing available? How good is your hardware to support such tools?

    Before we start testing anything, we must make sure that all of the required sets of tools are available and updated.

Let's go ahead and set up Metasploit in a virtual environment.

Setting up Metasploit in a virtual environment

Before using Metasploit, we need to have a test lab. The best idea for setting up a test lab is to gather different machines and install different OSes on them. However, if we only have a single device, the best idea is to set up a virtual environment.

Virtualization plays an essential role in penetration testing today. Due to the high cost of hardware, virtualization plays a cost-effective role in...

The fundamentals of Metasploit

Now that we have recalled the essential phases of a penetration test and installed Metasploit, let's talk about the big picture; that is, Metasploit. Metasploit is a security project that provides exploits and tons of reconnaissance features to aid any penetration tester. Metasploit was created by H.D. Moore back in 2003, and since then, its rapid development has led it to be recognized as one of the most popular penetration testing tools available. Metasploit was a natively Ruby-driven project, but with its latest releases, it has started to support Python and Go modules as well. Metasploit offers various exploits, post exploits, and auxiliary, scanner, evasion, and exploit development tools.

With the release of Metasploit 5, a number of new capabilities have been added to Metasploit, some of which are as follows:

  • A choice between a database and the new HTTP-based data service
  • Evasion modules
  • The Automation API
  • Exploitation...

Conducting a penetration test with Metasploit

Now that we've set up Metasploit 5, we are ready to perform our first penetration test. However, before we start the test, let's recall some of the essential functions and terminologies used in Metasploit Framework.

Recalling the basics of Metasploit

After we run Metasploit, we can list all the useful commands available by typing help or ? in the Metasploit console. Let's recall the basic terms used in Metasploit, which are as follows:

  • Exploits: This is a piece of code that, when executed, will exploit the vulnerability of the target.
  • Payload: This is a piece of code that runs on the target after successful exploitation. It defines the actions we want to perform on the target system.
  • Auxiliary: These are modules that provide additional functionalities such as scanning, fuzzing, sniffing, and much more.
  • Encoders: Encoders are used to obfuscate modules to avoid detection by a protection mechanism such...

Benefits of penetration testing using Metasploit

Before we jump into an example penetration test, we must know why we should prefer Metasploit to manual exploitation techniques. Is this because of a hacker-like Terminal that gives us a pro look, or is there a different reason? Metasploit is the preferable choice compared to traditional manual techniques because of specific factors. We will discuss these in this section.

Open source

One of the top reasons why we should go with Metasploit Framework is because it is open source and actively developed. Various other expensive tools exist for carrying out penetration testing. However, Metasploit allows its users to access its source code and add their own custom modules. The Pro version of Metasploit is chargeable, but for the sake of learning, the Framework edition is mostly preferred.

Support for testing large networks and natural naming conventions

Using Metasploit is easy. However, here, ease of use refers to natural naming...

Case study – reaching the domain controller

Recalling the basics of Metasploit, we are all set to perform our first penetration test with Metasploit. Let's consider an on-site scenario where we are asked to test an IP address and check if it's vulnerable to an attack. The sole purpose of this test is to ensure all the proper checks are in place. This scenario is quite straightforward. We will presume that all the pre-interactions have been carried out with the client and that the actual testing phase is going to start.

Please refer to the Revisiting the case study section if you want to perform the hands-on exercise while reading the case study, as this will help you emulate the entire case study with exact configuration and network details.

Gathering intelligence

As we discussed earlier, the gathering intelligence phase revolves around collecting as much information as possible about the target. This includes performing active and passive scans, which include...

Revisiting the case study

We were given an IP address of 192.168.188.129 in order to test against known vulnerabilities. We followed a systematic approach, as follows:

  1. We created a new workspace using the workspace –a command for our test.
  2. We switched to the workspace using the workspace [workspace-name] command.
  3. We initialized a no ping Nmap scan against the target and found numerous open ports.
  4. The Nmap scan suggested that, on port 445 , an SMB service could be running on Windows 7-Windows 10.
  5. We initiated another Nmap scan, but this time, it was meant for only port 445. We did this using the smb-os-discovery script.
  6. We found that the results suggested that the operating system that's running was Windows 7 SP1 Ultimate edition.
  7. We knew that Windows 7/Windows Server 2008 are highly vulnerable against CVE-2017-0143, that is, the EternalBlue exploit.
  8. We initiated another Nmap scan, this time to confirm the presence of the vulnerability...

Summary

Throughout this chapter, we introduced the phases involved in penetration testing. We saw how we could set up a virtual environment and install Metasploit. We recalled the basic Metasploit commands and looked at the benefits of using databases in Metasploit. We conducted a penetration test exercise against a target and compromised it. Using the compromised system, we launched an attack against the Domain Controller system and gained access to it.

Having completed this chapter, you now know about the phases of a penetration test; the benefits of using databases in Metasploit; the basics of Metasploit Framework; and using exploit, post-exploits, plugins, and auxiliary modules in Metasploit.

The primary goal of this chapter was to get you familiar with the phases of a penetration test and the basics of Metasploit. This chapter focused entirely on preparing ourselves for the following chapters.

In the next chapter, we will dive deep into the wild world of scripting and...

Left arrow icon Right arrow icon
Download code icon Download Code

Key benefits

  • Make your network robust and resilient with this updated edition covering the latest pentesting techniques
  • Explore a variety of entry points to compromise a system while remaining undetected
  • Enhance your ethical hacking skills by performing penetration tests in highly secure environments

Description

Updated for the latest version of Metasploit, this book will prepare you to face everyday cyberattacks by simulating real-world scenarios. Complete with step-by-step explanations of essential concepts and practical examples, Mastering Metasploit will help you gain insights into programming Metasploit modules and carrying out exploitation, as well as building and porting various kinds of exploits in Metasploit. Giving you the ability to perform tests on different services, including databases, IoT, and mobile, this Metasploit book will help you get to grips with real-world, sophisticated scenarios where performing penetration tests is a challenge. You'll then learn a variety of methods and techniques to evade security controls deployed at a target's endpoint. As you advance, you’ll script automated attacks using CORTANA and Armitage to aid penetration testing by developing virtual bots and discover how you can add custom functionalities in Armitage. Following real-world case studies, this book will take you on a journey through client-side attacks using Metasploit and various scripts built on the Metasploit 5.0 framework. By the end of the book, you’ll have developed the skills you need to work confidently with efficient exploitation techniques

What you will learn

Develop advanced and sophisticated auxiliary, exploitation, and post-exploitation modules Learn to script automated attacks using CORTANA Test services such as databases, SCADA, VoIP, and mobile devices Attack the client side with highly advanced pentesting techniques Bypass modern protection mechanisms, such as antivirus, IDS, and firewalls Import public exploits to the Metasploit Framework Leverage C and Python programming to effectively evade endpoint protection

What do you get with eBook?

Product feature icon Instant access to your Digital eBook purchase
Product feature icon Download this book in EPUB and PDF formats
Product feature icon Access this title in our online reader with advanced features
Product feature icon DRM FREE - Read whenever, wherever and however you want
Buy Now

Product Details


Publication date : Jun 12, 2020
Length 502 pages
Edition : 4th Edition
Language : English
ISBN-13 : 9781838980078
Category :

Table of Contents

17 Chapters
Preface Chevron down icon Chevron up icon
1. Section 1 – Preparation and Development Chevron down icon Chevron up icon
2. Chapter 1: Approaching a Penetration Test Using Metasploit Chevron down icon Chevron up icon
3. Chapter 2: Reinventing Metasploit Chevron down icon Chevron up icon
4. Chapter 3: The Exploit Formulation Process Chevron down icon Chevron up icon
5. Chapter 4: Porting Exploits Chevron down icon Chevron up icon
6. Section 2 – The Attack Phase Chevron down icon Chevron up icon
7. Chapter 5: Testing Services with Metasploit Chevron down icon Chevron up icon
8. Chapter 6: Virtual Test Grounds and Staging Chevron down icon Chevron up icon
9. Chapter 7: Client-Side Exploitation Chevron down icon Chevron up icon
10. Section 3 – Post-Exploitation and Evasion Chevron down icon Chevron up icon
11. Chapter 8: Metasploit Extended Chevron down icon Chevron up icon
12. Chapter 9: Evasion with Metasploit Chevron down icon Chevron up icon
13. Chapter 10: Metasploit for Secret Agents Chevron down icon Chevron up icon
14. Chapter 11: Visualizing Metasploit Chevron down icon Chevron up icon
15. Chapter 12: Tips and Tricks Chevron down icon Chevron up icon
16. Other Books You May Enjoy Chevron down icon Chevron up icon

Customer reviews

Filter icon Filter
Top Reviews
Rating distribution
Empty star icon Empty star icon Empty star icon Empty star icon Empty star icon 0
(0 Ratings)
5 star 0%
4 star 0%
3 star 0%
2 star 0%
1 star 0%

Filter reviews by


No reviews found
Get free access to Packt library with over 7500+ books and video courses for 7 days!
Start Free Trial

FAQs

How do I buy and download an eBook? Chevron down icon Chevron up icon

Where there is an eBook version of a title available, you can buy it from the book details for that title. Add either the standalone eBook or the eBook and print book bundle to your shopping cart. Your eBook will show in your cart as a product on its own. After completing checkout and payment in the normal way, you will receive your receipt on the screen containing a link to a personalised PDF download file. This link will remain active for 30 days. You can download backup copies of the file by logging in to your account at any time.

If you already have Adobe reader installed, then clicking on the link will download and open the PDF file directly. If you don't, then save the PDF file on your machine and download the Reader to view it.

Please Note: Packt eBooks are non-returnable and non-refundable.

Packt eBook and Licensing When you buy an eBook from Packt Publishing, completing your purchase means you accept the terms of our licence agreement. Please read the full text of the agreement. In it we have tried to balance the need for the ebook to be usable for you the reader with our needs to protect the rights of us as Publishers and of our authors. In summary, the agreement says:

  • You may make copies of your eBook for your own use onto any machine
  • You may not pass copies of the eBook on to anyone else
How can I make a purchase on your website? Chevron down icon Chevron up icon

If you want to purchase a video course, eBook or Bundle (Print+eBook) please follow below steps:

  1. Register on our website using your email address and the password.
  2. Search for the title by name or ISBN using the search option.
  3. Select the title you want to purchase.
  4. Choose the format you wish to purchase the title in; if you order the Print Book, you get a free eBook copy of the same title. 
  5. Proceed with the checkout process (payment to be made using Credit Card, Debit Cart, or PayPal)
Where can I access support around an eBook? Chevron down icon Chevron up icon
  • If you experience a problem with using or installing Adobe Reader, the contact Adobe directly.
  • To view the errata for the book, see www.packtpub.com/support and view the pages for the title you have.
  • To view your account details or to download a new copy of the book go to www.packtpub.com/account
  • To contact us directly if a problem is not resolved, use www.packtpub.com/contact-us
What eBook formats do Packt support? Chevron down icon Chevron up icon

Our eBooks are currently available in a variety of formats such as PDF and ePubs. In the future, this may well change with trends and development in technology, but please note that our PDFs are not Adobe eBook Reader format, which has greater restrictions on security.

You will need to use Adobe Reader v9 or later in order to read Packt's PDF eBooks.

What are the benefits of eBooks? Chevron down icon Chevron up icon
  • You can get the information you need immediately
  • You can easily take them with you on a laptop
  • You can download them an unlimited number of times
  • You can print them out
  • They are copy-paste enabled
  • They are searchable
  • There is no password protection
  • They are lower price than print
  • They save resources and space
What is an eBook? Chevron down icon Chevron up icon

Packt eBooks are a complete electronic version of the print edition, available in PDF and ePub formats. Every piece of content down to the page numbering is the same. Because we save the costs of printing and shipping the book to you, we are able to offer eBooks at a lower cost than print editions.

When you have purchased an eBook, simply login to your account and click on the link in Your Download Area. We recommend you saving the file to your hard drive before opening it.

For optimal viewing of our eBooks, we recommend you download and install the free Adobe Reader version 9.