SlideShare una empresa de Scribd logo

metasploitHelper - Spiderlabs

Keith Lee
Keith Lee

This document discusses metasploitHelper, a tool that helps penetration testers identify relevant Metasploit modules during a test. It crawls Metasploit modules to extract port numbers, target URIs, and titles. It parses Nmap scans to get port/service info, then performs lookups to find matching modules. It generates resource scripts and a report. Problems addressed include blocked user agents and ambiguous target URIs. The presentation demonstrates metasploitHelper's workflow and outputs.

Tecnología
1 de 19
Descargar para leer sin conexión
metasploitHelper Keith Lee & Michael Gianarakis Blackhat Asia Arsenal 2015
#whoami @keith55 Security Consultant at SpiderLabs @mgianarakis Managing Consultant at SpiderLabs Application Security
What Is This Presentation About? • Problems metasploitHelper tries to resolves • How metasploitHelper works • Problems faced during development • Some gotchas
Problems metasploitHelper tries to resolves
Problems metasploitHelper tries to resolves • There are new Metasploit modules released every now and then. It is difficult to keep up with every Metasploit modules that have been released. • We do not want to miss any easy to spot vulnerabilites during a penetration test. • Manual penetration testing is still recommended, this tool is meant to assist penetration testers during tests.
Metasploit Modules • Modules can be categorize into auxiliary and exploit modules. • Modules can also be categorize into HTTP URI and port based exploits.
How metasploitHelper works
How metasploitHelper works Crawls the metasploit modules folder and extracts the port numbers / targeturi and title of the module port numbers targeturi Writes the results to default-path.csv Writes the results to port2Msf.csv Parses the nmap xml file and extracts the port numbers and HTTP(s) services port numbers targeturi Perform a lookup based on the port number and find the matching Metasploit module Bruteforce the targeturi against all the HTTP(s) services listed in default- path.csv Writes the results to Metasploit resource scripts and generate report file "report.txt".
Problems faced
Problems faced • There are websites that blocks scripts using invalid user agent. 
 The script circumvent this by faking the user- agent. • The target web server returns a status code of 200 for all URIs.
 The script attempts to tests the web server for fictious URIs. The script does not continue with the bruteforce unless the -detect parameter is specified. 
 The script performs a match for the keywords in the page title against that of the title of the Metasploit module.
Some Gotchas
Some Gotchas • Some Metasploit modules do not specify the correct TARGETURI. • Instead, they have specified the root / as the TARGETURI.
Demo
metasploitHelper Help Menu
Running metasploitHelper
Generated 'data' files by crawling Metasploit modules folder
Generated report.txt contain list of matching modules (HTTP/Port based exploits)
Running the Generated Metasploit Resource Scripts against Target (Metasploitable VM)
Conclusion • The script can be downloaded from https:// github.com/milo2012/metasploitHelper/.

Recomendados

Basics of Server Side Template Injection
Basics of Server Side Template InjectionBasics of Server Side Template Injection
Basics of Server Side Template InjectionVandana Verma
 
Testing in Rails 3.x
Testing in Rails 3.xTesting in Rails 3.x
Testing in Rails 3.xnelinger
 
mocha sinon chai Dc jquery 4-24
mocha sinon chai Dc jquery 4-24 mocha sinon chai Dc jquery 4-24
mocha sinon chai Dc jquery 4-24 Carson Banov
 
test
testtest
testkadalarasu kadalarasu
 
Nmap2Nessus Presentation Slides at Black Hat Asia Arsenal 2015
Nmap2Nessus Presentation Slides at Black Hat Asia Arsenal 2015Nmap2Nessus Presentation Slides at Black Hat Asia Arsenal 2015
Nmap2Nessus Presentation Slides at Black Hat Asia Arsenal 2015Keith Lee
 
MKT 100Week 6 Assignment{Enter Student Name Here}{Enter Bu.docx
MKT 100Week 6 Assignment{Enter Student Name Here}{Enter Bu.docxMKT 100Week 6 Assignment{Enter Student Name Here}{Enter Bu.docx
MKT 100Week 6 Assignment{Enter Student Name Here}{Enter Bu.docxkendalfarrier
 
Metasploit - The Exploit Learning Tree
Metasploit - The Exploit Learning TreeMetasploit - The Exploit Learning Tree
Metasploit - The Exploit Learning TreeE Hacking
 
Microsoft Fakes, Unit Testing the (almost) Untestable Code
Microsoft Fakes, Unit Testing the (almost) Untestable CodeMicrosoft Fakes, Unit Testing the (almost) Untestable Code
Microsoft Fakes, Unit Testing the (almost) Untestable CodeAleksandar Bozinovski
 

Recomendados

Basics of Server Side Template Injection
Basics of Server Side Template InjectionBasics of Server Side Template Injection
Basics of Server Side Template InjectionVandana Verma
 
Testing in Rails 3.x
Testing in Rails 3.xTesting in Rails 3.x
Testing in Rails 3.xnelinger
 
mocha sinon chai Dc jquery 4-24
mocha sinon chai Dc jquery 4-24 mocha sinon chai Dc jquery 4-24
mocha sinon chai Dc jquery 4-24 Carson Banov
 
test
testtest
testkadalarasu kadalarasu
 
Nmap2Nessus Presentation Slides at Black Hat Asia Arsenal 2015
Nmap2Nessus Presentation Slides at Black Hat Asia Arsenal 2015Nmap2Nessus Presentation Slides at Black Hat Asia Arsenal 2015
Nmap2Nessus Presentation Slides at Black Hat Asia Arsenal 2015Keith Lee
 
MKT 100Week 6 Assignment{Enter Student Name Here}{Enter Bu.docx
MKT 100Week 6 Assignment{Enter Student Name Here}{Enter Bu.docxMKT 100Week 6 Assignment{Enter Student Name Here}{Enter Bu.docx
MKT 100Week 6 Assignment{Enter Student Name Here}{Enter Bu.docxkendalfarrier
 
Metasploit - The Exploit Learning Tree
Metasploit - The Exploit Learning TreeMetasploit - The Exploit Learning Tree
Metasploit - The Exploit Learning TreeE Hacking
 
Microsoft Fakes, Unit Testing the (almost) Untestable Code
Microsoft Fakes, Unit Testing the (almost) Untestable CodeMicrosoft Fakes, Unit Testing the (almost) Untestable Code
Microsoft Fakes, Unit Testing the (almost) Untestable CodeAleksandar Bozinovski
 
Unit Tests with Microsoft Fakes
Unit Tests with Microsoft FakesUnit Tests with Microsoft Fakes
Unit Tests with Microsoft FakesAleksandar Bozinovski
 
The Evolution of Development Testing
The Evolution of Development TestingThe Evolution of Development Testing
The Evolution of Development TestingCathal King
 
Online Spanish meetup #1
Online Spanish meetup #1Online Spanish meetup #1
Online Spanish meetup #1Alexandra N. Martinez
 
ASP.NET MVC Best Practices malisa ncube
ASP.NET MVC Best Practices malisa ncubeASP.NET MVC Best Practices malisa ncube
ASP.NET MVC Best Practices malisa ncubeMalisa Ncube
 
Odinstar 2017 - Real World Automating to Support Testing
Odinstar 2017 - Real World Automating to Support TestingOdinstar 2017 - Real World Automating to Support Testing
Odinstar 2017 - Real World Automating to Support TestingAlan Richardson
 
Magento 2 Best Practice Workfow // David Lambauer // Meet Magento 2017 // Lei...
Magento 2 Best Practice Workfow // David Lambauer // Meet Magento 2017 // Lei...Magento 2 Best Practice Workfow // David Lambauer // Meet Magento 2017 // Lei...
Magento 2 Best Practice Workfow // David Lambauer // Meet Magento 2017 // Lei...AOE
 
walkmod - JUG talk
walkmod - JUG talkwalkmod - JUG talk
walkmod - JUG talkwalkmod
 
How to ace your .NET technical interview :: .Net Technical Check Tuneup
How to ace your .NET technical interview :: .Net Technical Check TuneupHow to ace your .NET technical interview :: .Net Technical Check Tuneup
How to ace your .NET technical interview :: .Net Technical Check TuneupBala Subra
 
Virtual Meetup: Mule 4 Error Handling and Logging
Virtual Meetup: Mule 4 Error Handling and LoggingVirtual Meetup: Mule 4 Error Handling and Logging
Virtual Meetup: Mule 4 Error Handling and LoggingJimmy Attia
 
MuleSoft Meetup Charlotte 2 - 2019
MuleSoft Meetup Charlotte 2 - 2019MuleSoft Meetup Charlotte 2 - 2019
MuleSoft Meetup Charlotte 2 - 2019Subhash Patel
 
Creating testing tools to support development
Creating testing tools to support developmentCreating testing tools to support development
Creating testing tools to support developmentChema del Barco
 
Devday2016 real unittestingwithmockframework-phatvu
Devday2016 real unittestingwithmockframework-phatvuDevday2016 real unittestingwithmockframework-phatvu
Devday2016 real unittestingwithmockframework-phatvuPhat VU
 
JAVASCRIPT Test Driven Development & Jasmine
JAVASCRIPT Test Driven Development & JasmineJAVASCRIPT Test Driven Development & Jasmine
JAVASCRIPT Test Driven Development & JasmineAnup Singh
 
Nguyen Phuong Truong Anh - Some new vulnerabilities in modern web application
Nguyen Phuong Truong Anh - Some new vulnerabilities in modern web applicationNguyen Phuong Truong Anh - Some new vulnerabilities in modern web application
Nguyen Phuong Truong Anh - Some new vulnerabilities in modern web applicationSecurity Bootcamp
 
Test Driven Development with Sql Server
Test Driven Development with Sql ServerTest Driven Development with Sql Server
Test Driven Development with Sql ServerDavid P. Moore
 
Hot sos em12c_metric_extensions
Hot sos em12c_metric_extensionsHot sos em12c_metric_extensions
Hot sos em12c_metric_extensionsKellyn Pot'Vin-Gorman
 
MuleSoft Meetup 3 Charlotte Presentation Slides
MuleSoft Meetup 3 Charlotte Presentation SlidesMuleSoft Meetup 3 Charlotte Presentation Slides
MuleSoft Meetup 3 Charlotte Presentation SlidesSubhash Patel
 
So You Want to Write an Exporter
So You Want to Write an ExporterSo You Want to Write an Exporter
So You Want to Write an ExporterBrian Brazil
 
CTS2 Development Framework
CTS2 Development FrameworkCTS2 Development Framework
CTS2 Development Frameworkcts2framework
 
Best Practices for Magento Debugging
Best Practices for Magento Debugging Best Practices for Magento Debugging
Best Practices for Magento Debugging varien
 
Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024SynarionITSolutions
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 

Más contenido relacionado

Similar a metasploitHelper - Spiderlabs

The Evolution of Development Testing
The Evolution of Development TestingThe Evolution of Development Testing
The Evolution of Development TestingCathal King
 
ASP.NET MVC Best Practices malisa ncube
ASP.NET MVC Best Practices malisa ncubeASP.NET MVC Best Practices malisa ncube
ASP.NET MVC Best Practices malisa ncubeMalisa Ncube
 
Odinstar 2017 - Real World Automating to Support Testing
Odinstar 2017 - Real World Automating to Support TestingOdinstar 2017 - Real World Automating to Support Testing
Odinstar 2017 - Real World Automating to Support TestingAlan Richardson
 
Magento 2 Best Practice Workfow // David Lambauer // Meet Magento 2017 // Lei...
Magento 2 Best Practice Workfow // David Lambauer // Meet Magento 2017 // Lei...Magento 2 Best Practice Workfow // David Lambauer // Meet Magento 2017 // Lei...
Magento 2 Best Practice Workfow // David Lambauer // Meet Magento 2017 // Lei...AOE
 
walkmod - JUG talk
walkmod - JUG talkwalkmod - JUG talk
walkmod - JUG talkwalkmod
 
How to ace your .NET technical interview :: .Net Technical Check Tuneup
How to ace your .NET technical interview :: .Net Technical Check TuneupHow to ace your .NET technical interview :: .Net Technical Check Tuneup
How to ace your .NET technical interview :: .Net Technical Check TuneupBala Subra
 
Virtual Meetup: Mule 4 Error Handling and Logging
Virtual Meetup: Mule 4 Error Handling and LoggingVirtual Meetup: Mule 4 Error Handling and Logging
Virtual Meetup: Mule 4 Error Handling and LoggingJimmy Attia
 
MuleSoft Meetup Charlotte 2 - 2019
MuleSoft Meetup Charlotte 2 - 2019MuleSoft Meetup Charlotte 2 - 2019
MuleSoft Meetup Charlotte 2 - 2019Subhash Patel
 
Creating testing tools to support development
Creating testing tools to support developmentCreating testing tools to support development
Creating testing tools to support developmentChema del Barco
 
Devday2016 real unittestingwithmockframework-phatvu
Devday2016 real unittestingwithmockframework-phatvuDevday2016 real unittestingwithmockframework-phatvu
Devday2016 real unittestingwithmockframework-phatvuPhat VU
 
JAVASCRIPT Test Driven Development & Jasmine
JAVASCRIPT Test Driven Development & JasmineJAVASCRIPT Test Driven Development & Jasmine
JAVASCRIPT Test Driven Development & JasmineAnup Singh
 
Nguyen Phuong Truong Anh - Some new vulnerabilities in modern web application
Nguyen Phuong Truong Anh - Some new vulnerabilities in modern web applicationNguyen Phuong Truong Anh - Some new vulnerabilities in modern web application
Nguyen Phuong Truong Anh - Some new vulnerabilities in modern web applicationSecurity Bootcamp
 
Test Driven Development with Sql Server
Test Driven Development with Sql ServerTest Driven Development with Sql Server
Test Driven Development with Sql ServerDavid P. Moore
 
MuleSoft Meetup 3 Charlotte Presentation Slides
MuleSoft Meetup 3 Charlotte Presentation SlidesMuleSoft Meetup 3 Charlotte Presentation Slides
MuleSoft Meetup 3 Charlotte Presentation SlidesSubhash Patel
 
So You Want to Write an Exporter
So You Want to Write an ExporterSo You Want to Write an Exporter
So You Want to Write an ExporterBrian Brazil
 
CTS2 Development Framework
CTS2 Development FrameworkCTS2 Development Framework
CTS2 Development Frameworkcts2framework
 
Best Practices for Magento Debugging
Best Practices for Magento Debugging Best Practices for Magento Debugging
Best Practices for Magento Debugging varien
 

Similar a metasploitHelper - Spiderlabs (20)

Unit Tests with Microsoft Fakes
Unit Tests with Microsoft FakesUnit Tests with Microsoft Fakes
Unit Tests with Microsoft Fakes
 
The Evolution of Development Testing
The Evolution of Development TestingThe Evolution of Development Testing
The Evolution of Development Testing
 
Online Spanish meetup #1
Online Spanish meetup #1Online Spanish meetup #1
Online Spanish meetup #1
 
ASP.NET MVC Best Practices malisa ncube
ASP.NET MVC Best Practices malisa ncubeASP.NET MVC Best Practices malisa ncube
ASP.NET MVC Best Practices malisa ncube
 
Odinstar 2017 - Real World Automating to Support Testing
Odinstar 2017 - Real World Automating to Support TestingOdinstar 2017 - Real World Automating to Support Testing
Odinstar 2017 - Real World Automating to Support Testing
 
Magento 2 Best Practice Workfow // David Lambauer // Meet Magento 2017 // Lei...
Magento 2 Best Practice Workfow // David Lambauer // Meet Magento 2017 // Lei...Magento 2 Best Practice Workfow // David Lambauer // Meet Magento 2017 // Lei...
Magento 2 Best Practice Workfow // David Lambauer // Meet Magento 2017 // Lei...
 
walkmod - JUG talk
walkmod - JUG talkwalkmod - JUG talk
walkmod - JUG talk
 
How to ace your .NET technical interview :: .Net Technical Check Tuneup
How to ace your .NET technical interview :: .Net Technical Check TuneupHow to ace your .NET technical interview :: .Net Technical Check Tuneup
How to ace your .NET technical interview :: .Net Technical Check Tuneup
 
Virtual Meetup: Mule 4 Error Handling and Logging
Virtual Meetup: Mule 4 Error Handling and LoggingVirtual Meetup: Mule 4 Error Handling and Logging
Virtual Meetup: Mule 4 Error Handling and Logging
 
MuleSoft Meetup Charlotte 2 - 2019
MuleSoft Meetup Charlotte 2 - 2019MuleSoft Meetup Charlotte 2 - 2019
MuleSoft Meetup Charlotte 2 - 2019
 
Creating testing tools to support development
Creating testing tools to support developmentCreating testing tools to support development
Creating testing tools to support development
 
Devday2016 real unittestingwithmockframework-phatvu
Devday2016 real unittestingwithmockframework-phatvuDevday2016 real unittestingwithmockframework-phatvu
Devday2016 real unittestingwithmockframework-phatvu
 
JAVASCRIPT Test Driven Development & Jasmine
JAVASCRIPT Test Driven Development & JasmineJAVASCRIPT Test Driven Development & Jasmine
JAVASCRIPT Test Driven Development & Jasmine
 
Nguyen Phuong Truong Anh - Some new vulnerabilities in modern web application
Nguyen Phuong Truong Anh - Some new vulnerabilities in modern web applicationNguyen Phuong Truong Anh - Some new vulnerabilities in modern web application
Nguyen Phuong Truong Anh - Some new vulnerabilities in modern web application
 
Test Driven Development with Sql Server
Test Driven Development with Sql ServerTest Driven Development with Sql Server
Test Driven Development with Sql Server
 
Hot sos em12c_metric_extensions
Hot sos em12c_metric_extensionsHot sos em12c_metric_extensions
Hot sos em12c_metric_extensions
 
MuleSoft Meetup 3 Charlotte Presentation Slides
MuleSoft Meetup 3 Charlotte Presentation SlidesMuleSoft Meetup 3 Charlotte Presentation Slides
MuleSoft Meetup 3 Charlotte Presentation Slides
 
So You Want to Write an Exporter
So You Want to Write an ExporterSo You Want to Write an Exporter
So You Want to Write an Exporter
 
CTS2 Development Framework
CTS2 Development FrameworkCTS2 Development Framework
CTS2 Development Framework
 
Best Practices for Magento Debugging
Best Practices for Magento Debugging Best Practices for Magento Debugging
Best Practices for Magento Debugging
 

Último

Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024SynarionITSolutions
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Principled Technologies
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdflior mazor
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...apidays
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherRemote DBA Services
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobeapidays
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProduct Anonymous
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAndrey Devyatkin
 

Último (20)

Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 

metasploitHelper - Spiderlabs

  • 1. metasploitHelper Keith Lee & Michael Gianarakis Blackhat Asia Arsenal 2015
  • 2. #whoami @keith55 Security Consultant at SpiderLabs @mgianarakis Managing Consultant at SpiderLabs Application Security
  • 3. What Is This Presentation About? • Problems metasploitHelper tries to resolves • How metasploitHelper works • Problems faced during development • Some gotchas
  • 5. Problems metasploitHelper tries to resolves • There are new Metasploit modules released every now and then. It is difficult to keep up with every Metasploit modules that have been released. • We do not want to miss any easy to spot vulnerabilites during a penetration test. • Manual penetration testing is still recommended, this tool is meant to assist penetration testers during tests.
  • 6. Metasploit Modules • Modules can be categorize into auxiliary and exploit modules. • Modules can also be categorize into HTTP URI and port based exploits.
  • 8. How metasploitHelper works Crawls the metasploit modules folder and extracts the port numbers / targeturi and title of the module port numbers targeturi Writes the results to default-path.csv Writes the results to port2Msf.csv Parses the nmap xml file and extracts the port numbers and HTTP(s) services port numbers targeturi Perform a lookup based on the port number and find the matching Metasploit module Bruteforce the targeturi against all the HTTP(s) services listed in default- path.csv Writes the results to Metasploit resource scripts and generate report file "report.txt".
  • 10. Problems faced • There are websites that blocks scripts using invalid user agent. 
 The script circumvent this by faking the user- agent. • The target web server returns a status code of 200 for all URIs.
 The script attempts to tests the web server for fictious URIs. The script does not continue with the bruteforce unless the -detect parameter is specified. 
 The script performs a match for the keywords in the page title against that of the title of the Metasploit module.
  • 12. Some Gotchas • Some Metasploit modules do not specify the correct TARGETURI. • Instead, they have specified the root / as the TARGETURI.
  • 13. Demo
  • 16. Generated 'data' files by crawling Metasploit modules folder
  • 17. Generated report.txt contain list of matching modules (HTTP/Port based exploits)
  • 18. Running the Generated Metasploit Resource Scripts against Target (Metasploitable VM)
  • 19. Conclusion • The script can be downloaded from https:// github.com/milo2012/metasploitHelper/.