Ethical Hacking and Penetration Testing Guide
Yüklə 22,44 Mb. Pdf görüntüsü
|
|
195
I selected the first option to bring up a command shell so that we can execute commands on the target. Here is what it looks like: Check Feature Metasploit has a check feature that checks if a target is vulnerable to a particular attack. But, only some exploits implement the check feature. To use the check feature, just click on “check for exploits” at the bottom, and it will automatically use all the exploits that implement check feature and will tell you whether a target is vulnerable to a particular exploit. The ms08 _ 067 _ netapi implements the “check” feature, therefore it has verified that the target is vulnerable to our exploit. Here is what the output looks like: For an exploit that does not support the check feature, you would need to verify it manually. For example, the exploit ms10 _ 061 _ spools does not support a check feature: 196 ◾ Ethical Hacking and Penetration Testing Guide Hail Mary Hail Mary is equivalent to the db _ autopwn feature that we previously discussed. It will sim- ply launch all the exploits against our particular target by port and/or vulnerability depending upon the type of scan that you have imported into Armitage. So for example, if you have imported an nmap scan, it will use exploits by “ports,” on the other hand if you have imported Nessus, netx- pose scans, it would target exploits by vulnerability. Conclusion To sum up, we talked about various methods to attack a network starting from authentication- based attacks to using various exploits in Metasploit to compromise the target. In the next chapter, we will study “client side exploitation,” where we would directly interact with the target to exploit it. References Since Armitage is a very big framework, and it would not possible for me to discuss it thoroughly here, I would strongly suggest you to take a look at the official manual of Armitage available at this website: ◾ http://www.fastandeasyhacking.com/manual |