Mastering Metasploit
上QQ阅读APP看书,第一时间看更新

Preface

Penetration testing is one of the crucial techniques required in businesses everywhere today. With the rise of cyber and computer-based crime in the past few years, penetration testing has become one of the core aspects of network security and helps in keeping a business secure from internal, as well as external threats. The reason that why penetration testing is a necessity is that it helps uncover the potential flaws in a network, a system, or an application. Moreover, it helps in identifying weaknesses and threats from an attacker's perspective. Various potential flaws in a system are exploited to find out the impact it can have on an organization and the risk factors of the assets as well. However, the success rate of a penetration test depends largely on the knowledge of the target under the test. Therefore, we generally approach a penetration test using two different methods: black box testing and white box testing. Black box testing refers to the testing where there is no prior knowledge of the target under test. Therefore, a penetration tester kicks off testing by collecting information about the target systematically. Whereas, in the case of a white box penetration test, a penetration tester has enough knowledge about the target under test and starts off by identifying known and unknown weaknesses of the target. Generally, a penetration test is divided into seven different phases, which are as follows:

  • Pre-engagement interactions: This phase defines all the pre-engagement activities and scope definitions, basically, everything you need to discuss with the client before the testing starts.
  • Intelligence gathering: This phase is all about collecting information about the target that is under the test by connecting to it directly and passively, without connecting to the target at all.
  • Threat modeling: This phase involves matching the information detected to the assets in order to find the areas with the highest threat level.
  • Vulnerability analysis: This involves finding and identifying known and unknown vulnerabilities and validating them.
  • Exploitation: This phase works on taking advantage of the vulnerabilities found in the previous phase. This typically means that we are trying to gain access to the target.
  • Post-exploitation: The actual task to be performed at the target, which involves downloading a file, shutting a system down, creating a new user account on the target, and so on, are parts of this phase. Generally, this phase describes what you need to do after exploitation.
  • Reporting: This phase includes the summing up of the results of the test under a file and the possible suggestions and recommendations to fix the current weaknesses in the target.

The seven phases just mentioned may look easy when there is a single target under test. However, the situation completely changes when a large network that contains hundreds of systems is to be tested. Therefore, in a situation like this, manual work is to be replaced with an automated approach. Consider a scenario where the number of systems under the test is exactly 100 and running the same operating system and services. Testing each and every system manually will consume so much time and energy. However, this is a situation where the role of a penetration testing framework is required. The use of a penetration testing framework will not only save time, but will also offer much more flexibility in terms of changing the attack vectors and covering a much wider range of targets under a test. A penetration testing framework will also help in automating most of the attack vectors, scanning processes, identifying vulnerabilities, and most importantly, exploiting those vulnerabilities, thus saving time and pacing a penetration test.

Mastering Metasploit aims at providing readers with an insight into the most popular penetration testing framework, that is, Metasploit. This book specifically focuses on mastering Metasploit in terms of exploitation, writing custom exploits, porting exploits, testing services, and conducting sophisticated, client-side testing. Moreover, this book helps to convert your customized attack vectors into Metasploit modules, covering Ruby, assembly, and attack scripting, such as Cortana. This book will help you build programming skills as well.