Ethical Hacking and Penetration Testing Guide
Yüklə 22,44 Mb. Pdf görüntüsü
|
- Bu səhifədəki naviqasiya:
- Metasploit Utilities
|
179
MSFcli Another interface in the Metasploit Framework is the “MSFcli” interface, though it’s not interac- tive like msfconsole. An advantage in MSFcli is that we can redirect output from other tools as well as redirect MSFcli’s output to other tools. To launch MSFcli, we need to execute “msfcli” command in the shell followed by the options that we would like to use. MSFGUI MSFGUI was the first official GUI version for Metasploit, but it’s not frequently updated any more. Therefore, we won’t discuss it in this book. What we will discuss next is another GUI named “Armitage,” which is updated frequently. Armitage Armitage is a powerful GUI interface for Metasploit; it’s fully interactive and also comes prein- stalled with BackTrack. Later in this section, we will look at how similar tasks can be accom- plished faster with Armitage than with Metasploit. Metasploit Utilities Over the years, there have been a couple of utilities introduced with Metasploit. The main pur- pose of introducing these utilities was to use the components outside the Metasploit Framework within it. The most popular ones are MSFpayload and MSFencode. Let’s look at them in brief. We will learn how to use them in the “Client Side Exploitation” chapter (Chapter 8). MSFPayload MSFPayload is used for generating payloads, shell codes, and other executables. A payload is the code that you want to run on the victim’s machine after the exploit is completed, whereas a shell code is usually part of the payload written in the assembly language. MSFEncode MSFEncode utilizes different methods to encode payloads so that they don’t end up getting detected by antivirus engines. Almost all encoding techniques would fail to get past antiviruses, but with some tweaking, we can bypass most of them. Anyway, in the end our main goal is to just get past the particular antivirus that the victim is using. MSFVenom MSFVenom is a newly introduced feature in the Metasploit Framework. It is a combination of both MSFpayload and MSFencode. With MSFvenom, we can perform both create/encode shell 180 ◾ Ethical Hacking and Penetration Testing Guide codes under a single tool. We will take a look at it once we get to the “Client Side Exploitation” chapter (Chapter 8). Yüklə 22,44 Mb. Dostları ilə paylaş:
|