The Ethical Hacker Network - [Article]-Video: Exploring Metasploit 3 and the New and Improved Web Interface

Latest Additions

Who's Online

EH-Net News Feeds

Latest Additions

don

Editor-In-Chief
Administrator
Hero Member

Online

Posts: 3845

Editor-In-Chief

[Article]-Video: Exploring Metasploit 3 and the New and Improved Web Interface - Part 2

« on: April 27, 2007, 03:44:42 PM »

Chris actually has 2 videos dealing with the new Web Interface for Metasploit v3. This is no reflection on Chris Tongue

, but we're going to do things a little backwards. This one was ready to go, although it is the second part. The first part should be ready any minute, but I had the time now, so here it is. No use waiting, because you never know when you'll get more of it. Huh

Either way, Chris is doing some great work here especially for those of you who are command line challenged. The new Web Interface is really impressive.

Have fun.

Permanent Link: [Article]-Video: Exploring Metasploit 3 and the New and Improved Web Interface

Quote

Overview of Video

In this video we explore the revised MSFWeb interface for the Metasploit Framework 3.0. We specifically take a look at running "browser" exploits where you have to get the victim to connect back to your listening Metasploit instance. We'll use the ie_createobject exploit via the MSFweb GUI, and then we'll use the wmf_setabortproc exploit using the built in msfconsole (a new addition in MSFWeb 3.0). We'll also take a look at using custom meterpreter scripts; first to see if the victim is running in vmware and second, to clear the event logs.

Enjoy and keep an eye out for future videos. Feel free to post comments and suggestions for future videos.

Thanks,
Chris Gates

Metasploit ® is a registered trademark of Metasploit LLC

Add your comments below,
Don


	Logged

CISSP, MCSE, CSTA, Security+ SME

ChrisG

EH-Net Columnist
Hero Member

Offline

Posts: 1166

Re: [Article]-Video: Exploring Metasploit 3 and the New and Improved Web Interfa

« Reply #1 on: April 27, 2007, 04:34:51 PM »

wow harsh don Wink

i also forgot to put in the writeup, that if you set up your MSFweb on a IP address you can actually get to (like other than 127.0.0.1) you can share your MSF sessions with anyone who can access the IP (yes i know that's good and bad). thats at the end of the vid and why you see it running on 192.168.0.105 instead of 127.0.0.1.

feedback is always welcome


	Logged

...tests i took go here...

http://carnal0wnage.attackresearch.com/

Negrita

Sr. Member

Offline

Posts: 298

Re: [Article]-Video: Exploring Metasploit 3 and the New and Improved Web Interfa

« Reply #2 on: April 28, 2007, 10:36:25 AM »

Great thanks Chris. Top noch work as usual.


	Logged

CEH, CCSA NG/AI, NNCSS, MCP, MCSA 2003

There are 10 kinds of people, those that understand binary, and those that don't.

ChrisG

EH-Net Columnist
Hero Member

Offline

Posts: 1166

Re: [Article]-Video: Exploring Metasploit 3 and the New and Improved Web Interfa

« Reply #3 on: April 28, 2007, 11:05:20 AM »

thanx!

i did get an email asking if you could delete just one event from the log. looking at the api, LINK i dont see a way to do it, but others are encouraged to look because if you can it would be sweet.