Chapter XVII Metasploit Framework

Others 2019-09-05 18:22:23 views: null

Troubled penetration testers
▪ need to have hundreds of tools, thousands of command parameters, can not really remember
▪ emerging vulnerabilities PoC / EXP different operating environment requirements, tedious preparation
▪ most of the time in learning to use different tools habits, if they can unify enough
▪ Metasploit can solve the above problems it?

 

MSF architecture

Rex ▪
  - basic libraries for the complete basic daily tasks, without having to manually Coding
  - process socket connection to access, response protocol (http / SSL / SMB, etc.)
  - code conversion (XOR, Base64, Unicode)
▪ Msf :: Core
  - provide basic core API Msf is the core competency framework of the implementation library
▪ Msf :: base
  - API interface to provide a friendly, easy to call the module library
▪ plugin plug
  - connection and call extensions and external systems

 

▪ / usr / Share / Metasploit-Framework / modules /
▪ Technical function module (not process modules)
  - Exploits exploit system vulnerabilities attack operation, this module corresponds to attack each specific vulnerability (active and passive)
  - Payload successfully exploit Thereafter, the real code or instructions executed by the target system
    ▪ shellcode system instructions or
    ▪ three kinds Payload: / usr / Share / Metasploit-Framework / modules / payloads /
    ▪ Single: All-in-One
    ▪ Stager: limited when the target computer memory first transmitting a smaller payload for establishing a connection
    ▪ Stages: subsequent payload using the established connection to download stager
    ▪ stager, Stages are various types, suitable for different scenarios
    ▪ shellcode a payload, because of its established positive forward / reverse shell named

 

▪ Technical function module (not process modules)
  -: Auxiliary implementation of information collection, enumeration, an auxiliary module fingerprint detection, scanning and other functions (no payload of the exploit module)
  module payload is encrypted to avoid AV check: - Encoders
  - Nops : To improve the stability and maintain the size of the payload

 

Basic use:

 

Guess you like

Origin www.cnblogs.com/steven9898/p/11465249.html
Recommended
Ranking
[Nodejs] Native nodejs routing, getting parameters, static directory
Introduction and use of the datetime module in python - used to process date and time, calculate time intervals, etc.
Java bytecode decompiler in IntelliJIDEA for Scala
Resolved local variable 'str' referenced before assignment
Transformer Vision (2) || ViT-B/16 network structure
Translation: The most impressive YouTube channel that allows you to learn AI, machine learning and data science
gRPC- interceptor simple to use
Fortunately, three times faster investment has been lost how to do? There Baoying tutor you fly 69,937,609
Using Django to create a new project in the Windows10 environment gives an error [django-admin.py: The "django-admin.py" item cannot be recognized as the name of a cmdlet, function, script file, or executable program. 】
What should I do if I need to prepare the product standard
Daily
More
2024-06-05(0)
2024-06-04(0)
2024-06-03(1)
2024-06-02(0)
2024-06-01(1)
2024-05-31(1)
2024-05-30(0)
2024-05-29(1)
2024-05-28(1)
2024-05-27(1)

Code World

© 2018 codetd.com