Video: Pen Test Walkthrough with Metasploit Pro

March 7, 2011

Metasploit Pro 3.6 was released today with a slew of new features aimed at assisting pen testers throughout the entire penetration testing process.  One such new feature is asset tagging of groups of hosts, so that they can be grouped together easily.  Utilizing another new feature, global search, makes managing large engagements a breeze.  In addition to a free webinar on March 22 with James "egyp7" Lee on the Metasploit Framework, EH-Net regular columnist Ryan Linn explores Metasploit Pro.  He not only shows off some of those new features but also walks the viewer through the basic steps of performing a pen test with Metasploit Pro in the following 3 videos:

- Getting Started With Metasploit Pro
- Post Exploitation
- Reporting and Cleaning Up

As we all know, a pen test is not over when the hacking is done.  Rapid7 realizes this as well, so the new reporting capabilities are a very welcome addition.  It is now easy to generate PCI compliance notes based on the findings throughout the penetration test.  These reports indicate exactly where the failures are and provide evidence to support those findings.  For those who need more detailed reports on all of the activity performed throughout a penetration test, the activity report shows all commands issued and all gathered evidence.  These two reports alone can save a lot of time for testers who need to present this type of information to their clients.

For those who haven’t learned to ‘stop worrying and love the GUI,’ Metasploit Pro now has a console mode where you can interact with Metasploit Pro just like the Community Edition.  For those who have embraced the GUI, the addition of tags allows for easy grouping of assets, and the tags can be used in many of the fields as shortcuts for specifying individual IP addresses.  This really speeds up every step in the process.

So let’s get a feel for Metasploit Pro as a whole as well as the new features of v3.6.



Join us for a Free Webinar on March 22

James "egyp7" Lee takes participants in a technical deep-dive through the new features of the free and open source Metasploit Framework version 3.6, focusing on techniques valuable to professional penetration testers in red teams and consulting firms.  This will include post exploitation modules (a more powerful replacement for Meterpreter scripts) and using platform-agnostic payloads for increased pwnage.  Before the Q&A, he will also cover some of the feature highlights in the commercial Metasploit editions Metasploit Pro and Metasploit Express. Webinar participants should be familiar with the concepts of Metasploit and penetration testing.



Video 1: Getting Started With Metasploit Pro

This video is going to walk you through logging into Metasploit Pro, creating a project, and doing the initial scanning.  You will see a network scan to identify assets using Nmap through Metasploit Pro, look at how to tag assets, and then pass those assets to NeXpose for vulnerability scanning.


Video 2: Post Exploitation

Now that NeXpose is done scanning, this video will walk through exploitation and post-exploitation using Metasploit Pro.  You will also see how to do post-exploitation information gathering through the GUI.


Video 3: Reporting and Cleaning Up

Once you have all of your loot, you need to clean up your sessions and do some reporting.  This video shows how to clean up the Meterpreter sessions, and then create PCI reports and others based on the information that you have gathered.

The new version of Metasploit Pro has some great features to help speed up the pen-testing process.  If you are doing large scale penetration tests, Metasploit Pro does a great job of helping you categorize the information and deal with the exploitation process.


Ryan Linn, CISSP, MCSE, GPEN – Ryan is currently an Information Security Engineer at SAS Institute. Employed in the computer industry since 1997, he has held positions ranging from web developer to Unix Systems Programmer at a large university to his current position in Information Security. Ryan has been responsible for working with large scale deployments of various flavors of *nix, high availability web and database clusters, as well as for application programming in high availability environments. In the past few years, Ryan has incorporated Windows security into his responsibilities, and is now part of the team responsible for information security globally in one of the largest privately held software companies in the world.
