Metasploits future: Sans Pentest Summit HD Moore Presentation



Sr. Member

Posts: 317

Joined: Wed Oct 29, 2008 10:25 pm

Post Mon Jun 01, 2009 10:11 pm


http://metasploit.com/data/confs/sanspt ... future.pdf


Database Exploitation
  Extensive set of Oracle exploits
    ● SQL injection flaws, priv escalation, overflows
    ● Support for Metasploit payloads via Oracle
    ● Headed up by MC and Chris Gates
    ● Much more about this at Defcon
    ● MC's personal site has more

Web Applications
  WMAP is starting to come together
    ● A modular web app assessment system
    ● Launch modules individually or automatically
    ● Headed up by Efrain Torres
    ● Even more about this at Defcon
    ● Integrates with SQLMap and Nikto
    ● Support for recent attacks
    ● WebDAV + Unicode
    ● Automated SQL injection

Client-Side Exploitation
  Browser AutoPWN
    ● Automatically exploit any web browser
    ● Headed up by Egypt (more at Defcon)
    ● Handles obfuscation and no-script
  File format exploitation
    ● PDF is well supported, working on Office docs
    ● Extensive evasion capabilities

Meterpreter Everywhere
  Mac OS X “machterpreter”
    ● Written by Charlie Miller and Dino Dai Zovi
    ● Should be integrated “soonish”
  Meterpretux for Linux/POSIX
    ● In the works for almost 3 years
  Meterpreter for PHP
    ● Developed by Egypt, more at Defcon

Executable Hackery
  Created scrambled Win32 EXEs
    ● Important for AV bypass with exploits
    ● Ties in with “persistent” shellcode
    ● Client-side exploits require these
  Embedding shellcode into EXEs
    ● Standard viral “infection” of executables
    ● Powerful when done via MITM (Karmetasploit)
    ● Working on “signed” changeable EXEs

Working with third-party developers
    ● Opening the door to “commercial” modules
    ● Metasploit as a standard exploit platform

More Product Integration
  Maltego transforms for data mining
    ● Run Metasploit modules from Maltego
    ● Leverage the output to build models
    ● Ex. Dump a remote user list from a server

Remote XMLRPC Daemon
  Interact with remote Metasploit nodes
    ● Support for SSL and authentication
    ● Extensive API allows for almost anything
    ● Even better with Java/.NET/Ruby 1.9
  Launch attacks from other networks
    ● Really powerful with Metasploit-in-an-Applet
    ● Use browsers as attack sources

Digital Telephony
  Wardialing with WarVOX (warvox.org)
    ● A mostly-unrelated side project of Metasploit
    ● Dials using VoIP and records the audio
    ● Post-processes the audio to detect things
    ● Dialed over 10,000+ numbers in 3 hours
  A new spin on telephone audits
    ● Detects insecure PBXs, voicemail lines, tones
    ● Great detection for modems, faxes, etc
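The WarVOX slides above say the recorded call audio is post-processed to detect modems, faxes and tones, but the post does not show how such a classifier works. The following is an added example, not WarVOX or Metasploit code and not part of the original post: a minimal tone detector built on the Goertzel algorithm (single-frequency power estimate, cheaper than a full FFT when only a few frequencies matter), run over constructed 8 kHz PCM samples. The tone-to-class mapping (2100 Hz V.25 answer tone for modems and fax machines, 1100 Hz T.30 fax CNG, 350 Hz + 440 Hz North American dial tone) and the power threshold are simplifying assumptions; a real wardialer would also look at timing, cadence and speech energy.

```ruby
# Added example (not WarVOX/Metasploit code): Goertzel-based tone detection
# over 8 kHz PCM samples, the kind of audio a VoIP wardialer records.
SAMPLE_RATE = 8000          # telephone-quality audio, 8 kHz mono
BLOCK       = 800           # 100 ms analysis window (10 Hz bin width)

# Power of a single target frequency in a block of samples (Goertzel).
# Result is normalised so a pure sine of amplitude A at an exact bin
# centre returns roughly A**2, independent of the block length.
def goertzel_power(samples, target_hz, sample_rate = SAMPLE_RATE)
  n     = samples.size
  k     = (0.5 + n * target_hz / sample_rate.to_f).floor   # nearest DFT bin
  omega = 2.0 * Math::PI * k / n
  coeff = 2.0 * Math.cos(omega)
  s_prev  = 0.0
  s_prev2 = 0.0
  samples.each do |x|
    s       = x + coeff * s_prev - s_prev2
    s_prev2 = s_prev
    s_prev  = s
  end
  mag_sq = s_prev**2 + s_prev2**2 - coeff * s_prev * s_prev2
  mag_sq / ((n / 2.0)**2)
end

# Assumed (simplified) tone signatures; frequencies are multiples of the
# 10 Hz bin width so each lands on an exact bin for the 800-sample block.
TONES = {
  ans_2100: 2100, # V.25 answer tone: a modem or fax machine picked up
  cng_1100: 1100, # T.30 CNG: a fax machine calling/negotiating
  dial_350: 350,  # North American dial tone is 350 Hz + 440 Hz together
  dial_440: 440
}.freeze
THRESHOLD = 0.01  # assumed minimum normalised power to count a tone as present

# Classify one block of audio by which known tones are present.
def classify(samples)
  powers  = TONES.transform_values { |hz| goertzel_power(samples, hz) }
  present = powers.select { |_, pw| pw > THRESHOLD }.keys
  if present.include?(:dial_350) && present.include?(:dial_440)
    :dial_tone     # line never answered / dropped back to dial tone
  elsif present.include?(:ans_2100)
    :answer_tone   # modem or fax answered: worth a follow-up
  elsif present.include?(:cng_1100)
    :fax_cng
  else
    :unknown       # silence, speech, voicemail greeting, etc.
  end
end

# Constructed test audio: a sum of sines of the given frequencies.
def synth(freqs, amplitude = 0.5, n = BLOCK, sample_rate = SAMPLE_RATE)
  Array.new(n) do |i|
    t = i.to_f / sample_rate
    freqs.sum { |f| amplitude * Math.sin(2.0 * Math::PI * f * t) }
  end
end

# Deterministic low-level noise, standing in for an open line with hiss.
def noise(n = BLOCK, level = 0.05, seed = 42)
  rng = Random.new(seed)
  Array.new(n) { rng.rand(-level..level) }
end

if __FILE__ == $0
  { "modem answers" => synth([2100]),
    "fax CNG"       => synth([1100]),
    "dial tone"     => synth([350, 440]),
    "line noise"    => noise }.each do |label, pcm|
    puts "#{label.ljust(14)} => #{classify(pcm)}"
  end
end
```

Each 100 ms block is scored independently; a wardialer would run this over successive blocks of a recording and decide on the call outcome from the sequence (for example, an answer tone that persists for several blocks after ringing stops).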


Hero Member

Posts: 1270

Joined: Mon Apr 28, 2008 9:20 am

Post Tue Jun 02, 2009 2:36 am

Re: Metasploits future: Sans Pentest Summit HD Moore Presentation

Metasploit is a really great tool with which you can save some time and back up your results with other results.
Looking forward to its future development, thanks for the pdf.
