Metasploit-Exploit automation and IPS evasion.pdf

(641 KB) Pobierz

H D Moore

Director of Security Research

BreakingPoint Systems

Metasploitation

(Exploit automation and IPS evasion)

CanSecWest 2006

Agenda



Introduction

Metasploit 3

Automation

IPS Evasion

Examples



Introductions - Who?



BreakingPoint Systems



Director of Security Research

We build hardware to break things

Founder, developer, researcher

We build software to break things



The Metasploit Project



Introductions - What?



Metasploit v3.0



New features, massive changes

Starting to be usable :-)

Auxiliary modules, databases, events

“Turning Metasploit into Nessus”:-)

Finding the “bump in the wire”

Low-visibility IPS fingerprinting

Integration with Metasploit 3



Automation



Evasion



Metasploit v2.5



April 2006 status



127 remote exploits, 75 payloads

Found in 17 books, 950 blogs, 190 articles

27,000 IPs used msfupdate in 2006

Load time increasing (200+ modules)

Client-side exploits are a pain

Automation is doable, but klunky

Concurrency depends on fork()



Growing pains...



Plik z chomika:

Eroza800

Inne pliki z tego folderu:

EN-Metasploit Toolkit.pdf (5122 KB)
1-Metasploit 2004.pdf (185 KB)
Metasploit-The Penetration Tester s Guide.pdf (7090 KB)
2-Metasploit 2004.pdf (428 KB)
3-Metasploit 2004.pdf (201 KB)

Metasploit-Exploit automation and IPS evasion.pdf

Plik z chomika:

Inne pliki z tego folderu:

Inne foldery tego chomika: