Presentation is loading. Please wait.

Presentation is loading. Please wait.

Metasploit Analysis Report Overview

Published byRussell Briggs Modified over 6 years ago

Similar presentations

Presentation on theme: "Metasploit Analysis Report Overview"— Presentation transcript:

1 Metasploit Analysis Report Overview
Objective: Utilize Metasploit to successfully run an exploit against a vulnerable host Tools Used Metasploitable Target Jason Lindsley - MIS 5212 – metasploit Analysis Report

2 Vulnerability Scanning
Approach Info Gathering Use NMAP to identify target host IP Address, open ports, and OS version Vulnerability Scanning Perform Nessus Basic Network Scan to identify vulnerabilities Exploitation Use Metasploit to identify exploit and payload, set options, and deliver exploit to target Jason Lindsley - MIS 5212 – metasploit Analysis Report

3 Jason Lindsley - MIS 5212 – metasploit Analysis Report
Exploitation Results Identified the UnrealIRCD Backdoor Command Execution vulnerability using Nessus Basic Network Scanner Identified exploit in Metasploit with “Excellent” rank Executed exploit to establish double Reverse TCP Unix Command Shell Ran “whoami” command to identify my user identity as “root” Obtained a list of users on target host (via “cat etc/passwd” command) Jason Lindsley - MIS 5212 – metasploit Analysis Report

Download ppt "Metasploit Analysis Report Overview"

Similar presentations

Part 2 Penetration Testing. Review 2-minute exercise: RECON ONLY Find 3x IP addresses at the U.S. Merchant Marine Academy Google: “U.S. Merchant Marine.

Part 2 Penetration Testing. Review 2-minute exercise: RECON ONLY Find 3x IP addresses at the U.S. Merchant Marine Academy Google: “U.S. Merchant Marine.
Nmap Experiment.

Nmap Experiment.
Hands-On Ethical Hacking and Network Defense Chapter 5 Port Scanning.

Hands-On Ethical Hacking and Network Defense Chapter 5 Port Scanning.
Hacking Exposed 7 Network Security Secrets & Solutions Chapter 2 Scanning 1.

Hacking Exposed 7 Network Security Secrets & Solutions Chapter 2 Scanning 1.
Offensive Security Part 1 Basics of Penetration Testing

Offensive Security Part 1 Basics of Penetration Testing
A Complete Tool For System Penetration Testing Presented By:- Mahesh Kumar Sharma B.Tech IV Year Computer Science Roll No. :- CS09047.

A Complete Tool For System Penetration Testing Presented By:- Mahesh Kumar Sharma B.Tech IV Year Computer Science Roll No. :- CS09047.
System Security Scanning and Discovery Chapter 14.

System Security Scanning and Discovery Chapter 14.
ITP 457 Network Security Network Hacking 101. Hacking Methodology (review) 1. Gather target information 2. Identify services and ports open on the target.

ITP 457 Network Security Network Hacking 101. Hacking Methodology (review) 1. Gather target information 2. Identify services and ports open on the target.
Vulnerability Analysis Borrowed from the CLICS group.

Vulnerability Analysis Borrowed from the CLICS group.
Information Networking Security and Assurance Lab National Chung Cheng University 2004/03/031 A Real World Attack: wu-ftp Cao er kai ( 曹爾凱 )

Information Networking Security and Assurance Lab National Chung Cheng University 2004/03/031 A Real World Attack: wu-ftp Cao er kai ( 曹爾凱 )
Computer Security and Penetration Testing

Computer Security and Penetration Testing
1 GFI LANguard Network Security Scanner. 2 Contents Introduction Features Source & Installation Testing environment Results Conclusion.

1 GFI LANguard Network Security Scanner. 2 Contents Introduction Features Source & Installation Testing environment Results Conclusion.
Penetration Testing Edmund Whitehead Rayce West. Introduction - Definition of Penetration Testing - Who needs Penetration Testing? - Penetration Testing.

Penetration Testing Edmund Whitehead Rayce West. Introduction - Definition of Penetration Testing - Who needs Penetration Testing? - Penetration Testing.
4/13/2010.  CSS Meeting  Stephen Crane on Programming Contests  1pm  Building 8 room 345 05/11/10.

4/13/2010.  CSS Meeting  Stephen Crane on Programming Contests  1pm  Building 8 room /11/10.
Ana Chanaba Robert Huylo

Ana Chanaba Robert Huylo
Taeho Oh/PLUS 3rd CONCERT Workshop Nov. 1999 Intrusion demonstration Part I Postech PLUS Taeho Oh (PLUS015)

Taeho Oh/PLUS 3rd CONCERT Workshop Nov Intrusion demonstration Part I Postech PLUS Taeho Oh (PLUS015)
Mohan Kumar Puttasiddaiah

Mohan Kumar Puttasiddaiah
EECS 354 Network Security Metasploit Features. Hacking on the Internet Vulnerabilities are always being discovered 0day vulnerabilities Every server or.

EECS 354 Network Security Metasploit Features. Hacking on the Internet Vulnerabilities are always being discovered 0day vulnerabilities Every server or.
Attack Lifecycle Many attacks against information systems follow a standard lifecycle: –Stage 1: Info. gathering (reconnaissance) –Stage 2: Penetration.

Attack Lifecycle Many attacks against information systems follow a standard lifecycle: –Stage 1: Info. gathering (reconnaissance) –Stage 2: Penetration.
CIS 450 – Network Security Chapter 3 – Information Gathering.

CIS 450 – Network Security Chapter 3 – Information Gathering.

Similar presentations

Ads by Google