type
status
date
slug
summary
tags
category
icon
password
Catagory
Materials
Retired
Retired
Due date
Jan 16, 2024 05:30 AM
Status
Belong in

Introduction

metasploit framework是一組包含所有攻擊鏈流程的工具,上到information gathering下到post exploitation通通都有。主要元件分成三大類:
  • msfconsole:command-line interface
  • Modules:支援的模組包含像是exploits, scanners, payloads等
  • Tools:像是msfvenom、pattern_create、pattern_offset等。

Modules

Auxiliary

支援型的模組,包含像是scanners, crawlers, fuzzers等等均可以在這裡找到
notion image

Encoders

允許針對exploit跟payload進行編碼,嘗試像是bypass signature-based 的solutions
notion image

Evasion

notion image
Metasploit Basics for Hackers, Part 24: The New Evasion Modules in Metasploit 5
Welcome back, my aspiring cyber warriors! With the release of Metasploit 5, one of the most notable changes has been the addition of a new type of module type, the evasion modules. These new modules are designed to help you create payloads that can evade anti-virus (AV) software on the target system. Years ago, penetesters and other hackers used the combination of msfpayload and msfencode (both deprecated in favor of msfvenom) to create payload modules that were capable of evading AV software. L
Metasploit Basics for Hackers, Part 24: The New Evasion Modules in Metasploit 5
https://www.hackers-arise.com/post/2019/03/27/metasploit-basics-for-hackers-part-24-the-new-evasion-modules-in-metasploit-5
Metasploit Basics for Hackers, Part 24: The New Evasion Modules in Metasploit 5

Exploits

執行目標系統漏洞利用的一連串流程的程式碼
notion image

NOPs

NOP - 維基百科,自由的百科全書
電腦科學中,NOP或NOOP(No Operation或No Operation Performed的縮寫,意為無操作)是組合語言的一個指令,一系列編程語句,或網路傳輸協定中的表示不做任何有效操作的命令。
NOP - 維基百科,自由的百科全書
https://zh.wikipedia.org/zh-tw/NOP
notion image

Payloads

notion image
  • Adapters:將一個payloads轉換成不同的格式,舉例像是將一段payload使用powershell 撰寫
  • Singles:self-contained payloads包含像是增加使用者、啟用notepad.exe,無須額外的元件來run payloads
  • Stagers:主要的目的是要設定metasploit跟目標主機的連線,首先會上傳stagers至目標主機並下載剩餘的payload(stage)。用此方法的優點在於比起一次傳輸格式較大的檔案,算是分段執行
  • Stages:由stagers下載

Post

aim to post-exploitation phase
notion image

Tools

msfvenom

Reference

Msfconsole Commands - Metasploit Unleashed
The MSFconsole has many different command options to chose from. The following are a core set of Metasploit commands with reference to their output.
Msfconsole Commands - Metasploit Unleashed
https://www.offsec.com/metasploit-unleashed/msfconsole-commands/
Msfconsole Commands - Metasploit Unleashed
远控免杀专题文章(3)-msf自免杀(VT免杀率35/69) - 腾讯云开发者社区-腾讯云
1、远控免杀专题文章(1)-基础篇:https://mp.weixin.qq.com/s/3LZ_cj2gDC1bQATxqBfweg
远控免杀专题文章(3)-msf自免杀(VT免杀率35/69) - 腾讯云开发者社区-腾讯云
https://cloud.tencent.com/developer/article/1588341
Video preview
Metasploit | hackers-arise
Metasploit is one of the world's most powerful exploitation frameworks. Begun as an open-source project by HD Moore, it is now owned by the information security company Rapid7. Every hacker/pentester MUST be proficient in the use of Metasploit.
Metasploit | hackers-arise
https://www.hackers-arise.com/metasploit-1
 
相關文章
Tools - Burp Suite
TryHackMe - GameZoneTryHackMe - Kenobi