EvilZone
Community => General discussion => : CorruptedByte November 16, 2011, 10:29:39 PM
-
Hi, my question is: is the Metasploit Framework only for local penetration testing? I have this question because everywhere I found tutorials for the Metasploit Framework, but only in local networks, and if it is only for local networks, how can I do an intrusion into a network from the outside? For example, the local network where I work.
This question is not for a malicious purpose; it is only because the manager where I work wants a report on the security of the network.
-
Actually, Metasploit is mostly built for remote exploits:
creating shells, buffer overflows, etc.
Take a look at
Metasploit Unleashed (http://www.offensive-security.com/metasploit-unleashed/Metasploit_Unleashed_Information_Security_Training) (not really up-to-date, but gives a lot of info)
Try to work with Armitage (http://www.fastandeasyhacking.com/manual) (GUI)
Other info:
http://en.wikibooks.org/wiki/Metasploit/UsingMetasploit
Symantec1 (http://www.symantec.com/connect/articles/metasploit-framework-part-1) & Symantec2 (http://www.symantec.com/connect/articles/metasploit-framework-part-2)
Corelan (http://www.corelan.be/index.php/2009/08/12/exploit-writing-tutorials-part-4-from-exploit-to-metasploit-the-basics/)
and some movies :-)
http://www.securitytube.net/groups?operation=view&groupId=8
That should give you a lead to work with.
-
Oh, thanks ;).
But here is another question: how can I access a specific host in a local network through the router? Because the public IP is the IP of the router, not of a host in the network. Can I do this?
-
But here is another question: how can I access a specific host in a local network through the router? Because the public IP is the IP of the router, not of a host in the network. Can I do this?
Well, first tell me what you mean by "the public IP is the IP of the router, not of a host".
If there is a router then it's not your local domain.
There may be some subnetted networks and you must be in one of them.
But you can still access a host in another domain if you know its IP.
No big deal.
First check out your main network topology.
Now, if you don't know the host IPs, then first scan for an active router; that's how you will get the IP of the router. Then scan for the particular network in which your target is.
Then get access to it if you know the password :)
-
Port forwarding with UPnP works. Read this discussion; maybe it gives you a few things: http://forums.hak5.org/index.php?showtopic=15127
If there's no port forwarded, get into the router by exploit/hack/bruteforce and change it.
There can be other ways. I just started with Metasploit, so I'm no genius ;P
Maybe anyone else has some good tips?
-
Well, first tell me what you mean by "the public IP is the IP of the router, not of a host".
If there is a router then it's not your local domain.
There may be some subnetted networks and you must be in one of them.
But you can still access a host in another domain if you know its IP.
No big deal.
First check out your main network topology.
Now, if you don't know the host IPs, then first scan for an active router; that's how you will get the IP of the router. Then scan for the particular network in which your target is.
Then get access to it if you know the password :)
I mean, how can I do a pentest from the outside of the network? So the only attack vector for an intrusion is the public IP (the IP of the router). I have the IP, users, passwords, etc.
But I want to do an intrusion only with the IP.
-
I mean, how can I do a pentest from the outside of the network? So the only attack vector for an intrusion is the public IP (the IP of the router). I have the IP, users, passwords, etc.
But I want to do an intrusion only with the IP.
I believe what you seek is the ever-so-boring Info-Gathering -> Service Identifying -> Exploitation blueprint.
In other words, nmap it, check out the open ports (if any) and have a smash at them.
-
I just had a nice little hack this night.
Found a router with my scans, with an exploit where I could change the admin password with a tampered HTTP request.
So, in the router I can adjust the port forwards.
So a nice and easy way to hack a computer behind a router.
Also, I found a scanner this week which scans for the UPnP option on a router
(automatic port forwarding).