© Jean-Marie Guyon, 123RF.com

© Jean-Marie Guyon, 123RF.com

Penetration testing and shell tossing with Metasploit

Pen Test Tips

Article from ADMIN 09/2012
By
The powerful Metasploit framework helps you see your network as an intruder would see it. You might discover it is all too easy to get past your own defenses.

The Metasploit Framework [1] is a penetration testing toolkit, exploit-development platform, and research tool. The framework includes hundreds of working remote exploits for a variety of platforms. By mixing and matching payloads, encoders, and NOP slide generators [2] with exploit modules, you can solve almost any exploit-related task.

In previous articles, I introduced you to the metasploit environment, the tools that professional attackers use [3], and how intruders hide malicious files from virus scanners [4]. In this article, I will walk you through using the latest version of the Nessus pre-built plugin filter Metasploit Framework in your penetration testing. You will get a glimpse at how pen testers use Metasploit to probe and penetrate a real-world system. I will also cover some useful Metasploit tips for achieving privilege escalation. For instance, wouldn't it be great to have a shell on another computer just in case you lose your meterpreter shell?

Integrating Nessus 5 with Metasploit

With the release of Nessus 5 configuration vulnerability scanning tool by Tenable Network Security, users now have better filtering, analysis, and reporting, as well as faster scanning time. The Metasploit Nessus plugin allows you to select only those checks that cover vulnerabilities whose exploits are in the Metasploit Exploit framework.

To start, go to the Tenable site [5], download Nessus 5, and install it. The new installation will reside in /opt/nessus and will install over the top of any previous Nessus versions. Start the nessus daemon and open your web browser to

...
Use Express-Checkout link below to read the full article (PDF).

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy ADMIN Magazine

SINGLE ISSUES
 
SUBSCRIPTIONS
 
TABLET & SMARTPHONE APPS
Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

comments powered by Disqus
Subscribe to our ADMIN Newsletters
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs



Support Our Work

ADMIN content is made possible with support from readers like you. Please consider contributing when you've found an article to be beneficial.

Learn More”>
	</a>

<hr>		    
			</div>
		    		</div>

		<div class=