1 min
Metasploit
Introducing Metasploitable 2!
Some folks may already be aware of Metasploitable, an intentionally vulnerable
virtual machine designed for training, exploit testing, and general target
practice. Unlike other vulnerable virtual machines, Metasploitable focuses on
vulnerabilities at the operating system and network services layer instead of
custom, vulnerable applications. I am happy to announce the release of
Metasploitable 2, an even better punching bag for security tools like Metasploit
[http://metasploit.com/downloads/], an
4 min
Metasploit
How to Create Custom Reports in Metasploit
Metasploit Pro has a powerful reporting engine with many standard reports but
also great ways to build your own reports. Custom reports can help you if in a
couple of different ways:
* Add your logo and corporate design to reports
* Change the way reports display the information
* Translate a reporting template to your local language
* Create new reports for regional compliance needs
A custom report is a report that you use template to generate. You can generate
a custom report with a te
2 min
Metasploit
Scanning for Vulnerable F5 BigIPs with Metasploit
This morning Matta Consulting posted an advisory
[https://www.trustmatta.com/advisories/MATTA-2012-002.txt] for the F5 BigIP
equipment. The advisory states that certain BigIP devices contain a SSH private
key on its filesystem that is trusted for remote root access on every other
BigIP appliance. Although Matta did not provide the private key, they did
provide the public key itself:
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAvIhC5skTzxyHif/7iy3yhxuK6/OB13hjPqrskogkYFrcW8OK4VJ T+5+Fx7wd4sQCnVn8rNqahw/x
5 min
Metasploit
Weekly Metasploit Update: Citrix Opcodes, Hash Collisions, and More!
This week's update has a nice new asymmetric DoS condition module, a bunch of
churn in Metasploit's Rails components, and some new Citrix attacks, so let's
get right into it.
Fuzzing for Citrix Opcodes
This week's update includes three new exploits for Citrix Provisioning Services,
the solution by Citrix "to stream a single desktop image to create multiple
virtual desktops on one or more servers in a data center" (vendor quote
[https://docs.citrix.com/en-us/categories/legacy-archive]). These mo
2 min
Metasploit
Webcast: Don't Pick the Lock, Steal the Key - Password Auditing With Metasploit
David Maloney's webcast for for network administrators and security engineers is
now available online. David discusses weaknesses in password-based
authentication on clients and servers and how to audit these as part of a
regular security program.
What you'll learn in this webcast
* Password storage systems and password obfuscation
* Strengths and weaknesses of the various approaches
* Real-life examples of badly implemented password authentication mechanisms
* How to audit passwords on
4 min
Metasploit
Can't Exploit Machines? A Metasploit Troubleshooting How To
It can be very frustrating to try exploiting machines and not succeeding,
especially if your vulnerability report is showing a lot of vulnerabilities on
the hosts you are trying to exploit. This is usually due to one of the following
reasons:
1. Not all reported vulnerabilities are exploitable. It may be because a
firewall or IPS/IDS is successfully stopping the attack, or simply because
your vulnerability scanner reported a false positive.
2. Your Metasploit machine or network connec
2 min
Metasploit
Weekly Metasploit Update: Dev Docs and More
This week in the U.S. is the unofficial start of summer, so that probably
explains why it's been a bit of a slow week in the Metasploit community,
hacking-wise. We have Weekly Metasploit Update: Dev Docs and Morea few new
modules for this week's update, but in addition to those, I'd like to mention a
few new resources we've put together for the Metasploit development community.
Docs and Videos
Over the last few weeks, we've been working up some more comprehensive
documentation on how to get sta
3 min
Metasploit
Using BackTrack 5 R2 with Metasploit Community or Metasploit Pro
As of version 5 R2, BackTrack comes pre-installed with Metasploit 4.1.4, so it's
now easier to use Metasploit Community Edition or Metasploit Pro on BackTrack.
Here is how it's done:
* After BackTrack boots, enter startx to get into the UI.
* Install BackTrack in a virtual machine using the Install BackTrack icon in
the top left corner. This is recommended so that Metasploit remembers its
product key; otherwise, you would have to register Metasploit each time.
* Log in with user root,
4 min
Exploits
My First Week at Metasploit
Hi all. I would like to take a minute to share some of my feelings about my
first week here as a full-time Metasploit exploit developer, and share some
exploit modules.
First of all, I would like to thank everyone on the the Metasploit team for
being so nice to me from the first week, and for helping me with anything I
need. They are definitely going easy on me during my first days! Their support
allowed me to build two exploits for the team during my first week here:
* batic_svg_java exploit
4 min
Metasploit
Top 10 Most Searched Metasploit Exploit and Auxiliary Modules
At Rapid7, we often get asked what the top 10 Metasploit modules are. This is a
hard question to answer: What does "top" mean anyway? Is it a personal opinion,
or what is being used in the industry? Because many Metasploit users work in
highly sensitive environments, and because we respect our users' privacy, the
product doesn't report any usage reports back to us.
We may have found a way to answer your questions: We looked at our
metasploit.com web server stats, specifically the Metasploit A
2 min
Metasploit
Weekly Metasploit Update: CCTV, SCADA, and More!
This week's update highlights Metasploit modules for embedded operating systems
(as opposed to the usual client or server targets), so let's hop to it.
Security Camera Hackers
On Tuesday, guest blogger Justin Cacak of Gotham Digital Science talked about
his module, cctv_dvr_login. The latest update for Metasploit has it now, so if
you happen to run into some of these devices, you can show off all your
Hollywood hacking skills by panning and zooming the security camera in the
executive washroom.
3 min
Metasploit
Hacking CCTV Security Video Surveillance Systems with Metasploit
From our guest blogger and Metasploit community contributor Justin Cacak at
Gotham Digital Science.
A new module for the Metasploit Framework, cctv_dvr_login
[http://metasploit.com/modules/auxiliary/scanner/misc/cctv_dvr_login], discovers
and tests the security of standalone CCTV (Closed Circuit Television) video
surveillance systems. Such systems are frequently deployed in retail stores,
living communities, personal residences, and business environments as part of
their physical security pro
1 min
Metasploit
Weekly Metasploit Update: Armitage, Psnuffle, and More
This week's update features a great big pile of Java source code, a makeover for
a perennial favorite feature, and a handful of new exploits. Read on, or just
skip all the yadda yadda and download Metasploit here.
Armitage Source
This week's biggest change in terms of LOC (lines of code) is the inclusion of
the Armitage source code, in external/source/armitage. For a while now, we've
been distributing Raphael Mudge's Armitage front-end for the Metasploit
Framework, but the source has been over
3 min
Metasploit
Weekly Metasploit Update: Back to Work!
Hey, it's the first post-Metasploit 4.3.0 update, which means that I'm back in
the blogging business. Huzzah!
We've all been heads-down for a while getting this bad boy
[http://www.metasploit.com/download/] out the door, so while there's not a ton
of new functionality to talk about this week, we do have some neat new modules,
and one API change for module developers.
Wake On LAN
"The most secure computer is the one that's not turned on," is an old computer
security adage, speaking to the compl
4 min
Metasploit
Weekly Metasploit Update: SCADA, Lab Gem, and Squid Pivoting
This week's update [http://www.metasploit.com/download/] is packed full of
awesome, and I don't use that term lightly.
SCADA Attacks, DigtialBond, and Metasploit
This week sees the addition of six new SCADA modules, targeting a variety of PLC
devices, including two new modules aimed at the Schneider Quantum programmable
logic controller (PLC). In order to give penetration testers the ability to
accurately assess SCADA infrastructure, Tod Beardsley (from Rapid7) and K. Reid
Wightman (from Digit