• Home

  • Education

  • [null]Metapwn - Pwn at a puff by Prajwal Panchmahalkar
31
Now Pwn at a pufff…. Now Pwn at a pufff….

[null]Metapwn - Pwn at a puff by Prajwal Panchmahalkar

Embed Size (px)

DESCRIPTION

download metapwn at http://metapwn.sourceforge.net/

Citation preview

Page 1: [null]Metapwn - Pwn at a puff by Prajwal Panchmahalkar

Now Pwn at a pufff….Now Pwn at a pufff….

Page 2: [null]Metapwn - Pwn at a puff by Prajwal Panchmahalkar
Page 3: [null]Metapwn - Pwn at a puff by Prajwal Panchmahalkar
Page 4: [null]Metapwn - Pwn at a puff by Prajwal Panchmahalkar

• Metasploit Framework• metaPwn• FastTrackFastTrack• Armitage – The new and easy

convention.• SET

Page 5: [null]Metapwn - Pwn at a puff by Prajwal Panchmahalkar

• Metasploit - The single most powerful tool available today for the Penetration testers.

• Used for Developing and executing exploit code against any target machine.

• An open source ruby framework, moved from perl.

Page 6: [null]Metapwn - Pwn at a puff by Prajwal Panchmahalkar

• Lib: the ‘meat’ of the framework code base.

• Data: editable files used by Metasploit

• Tools: useful commandline utilities

• Modules: the Framework modules.

• Payloads• Scripts• External

Page 7: [null]Metapwn - Pwn at a puff by Prajwal Panchmahalkar
Page 8: [null]Metapwn - Pwn at a puff by Prajwal Panchmahalkar
Page 9: [null]Metapwn - Pwn at a puff by Prajwal Panchmahalkar
Page 10: [null]Metapwn - Pwn at a puff by Prajwal Panchmahalkar
Page 11: [null]Metapwn - Pwn at a puff by Prajwal Panchmahalkar

• The most popular and best way to use Metasploit Framework.

• Efficient and wide access to all the options.

• Execution of external commands is possible

Page 12: [null]Metapwn - Pwn at a puff by Prajwal Panchmahalkar

• It is very importand that you analyze your target

• The scan results (generally by nmap) are very useful.

• Know the services running on the Target machine from the scan results.

• Determine the vulnerabilities.

Page 13: [null]Metapwn - Pwn at a puff by Prajwal Panchmahalkar

• Search • Tab Completion.• Check• load• Connect• Irb• route• run/exploit and more …. Follow the

demos >>

Page 14: [null]Metapwn - Pwn at a puff by Prajwal Panchmahalkar
Page 15: [null]Metapwn - Pwn at a puff by Prajwal Panchmahalkar
Page 16: [null]Metapwn - Pwn at a puff by Prajwal Panchmahalkar

1. Know the target2. Scan for the suspected

vulnerabilities3. Find the pertaining payloads.4. Launch payloads to exploit

(Attack)5. Post Exploitation.

Page 17: [null]Metapwn - Pwn at a puff by Prajwal Panchmahalkar

• Scan and Create a database• Import them to metasploit

• And “autopwn.autopwn.““

Page 18: [null]Metapwn - Pwn at a puff by Prajwal Panchmahalkar
Page 19: [null]Metapwn - Pwn at a puff by Prajwal Panchmahalkar
Page 20: [null]Metapwn - Pwn at a puff by Prajwal Panchmahalkar

• Fast-Track is one more automated penetration suite.

• Fast-Track has 3 modes of operation – Interactive mode– GUI mode – Console mode (obsolete)

Page 21: [null]Metapwn - Pwn at a puff by Prajwal Panchmahalkar

• Fast-Track comes with a good interface and support

• Tutorials available• Automates the exploitation• Dependent on Metasploit , so have it

updated.

Page 22: [null]Metapwn - Pwn at a puff by Prajwal Panchmahalkar
Page 23: [null]Metapwn - Pwn at a puff by Prajwal Panchmahalkar

• Social Engineering Tool kit• Comes with 10 major functions.– Spear-phishing Attack Vectors– Website attack vectors– Infection media generator– Create a payload and listener– Mass mailer attack– Teensy USB HID attack vector– SMS spoofing attack vector

Page 24: [null]Metapwn - Pwn at a puff by Prajwal Panchmahalkar

• All the above listed attacks make the major attacks on the contemporary sytems.

• Lets have a detailed glimpse at all these services from SET….

Page 25: [null]Metapwn - Pwn at a puff by Prajwal Panchmahalkar

• A very well Mapped GUI for penetration testing

• Provides a very good GUI and a map of the target machines

• Armitage also uses Metasploit framework to test on the target

• “Little is to be said and rest is the action”

Page 26: [null]Metapwn - Pwn at a puff by Prajwal Panchmahalkar
Page 27: [null]Metapwn - Pwn at a puff by Prajwal Panchmahalkar

Source :http://icis2005.unlv.edu/

http://icis2005.unlv.edu/
Page 28: [null]Metapwn - Pwn at a puff by Prajwal Panchmahalkar

Source :http://telegraph.co.uk

Page 29: [null]Metapwn - Pwn at a puff by Prajwal Panchmahalkar

Source :http://telegraph.co.uk

Page 30: [null]Metapwn - Pwn at a puff by Prajwal Panchmahalkar
Page 31: [null]Metapwn - Pwn at a puff by Prajwal Panchmahalkar

Pwn the SAT

Pwn the SAT

Education
Steganography Presented By Prajwal Shrestha

Steganography Presented By Prajwal Shrestha

Education
PWN Stockholm Network Profile Analysis, 2015

PWN Stockholm Network Profile Analysis, 2015

Business
I haz you and pwn your maal

I haz you and pwn your maal

Technology
Puff SPECULATIVE

Puff SPECULATIVE

Documents
PUFF - library.ucsd.edu

PUFF - library.ucsd.edu

Documents
PWN Presentation 3/26/13

PWN Presentation 3/26/13

Business
Prajwal V Kumar: TR35 Awards

Prajwal V Kumar: TR35 Awards

Technology
PWN Marseille-Provence 2012 - 2014

PWN Marseille-Provence 2012 - 2014

Government & Nonprofit
Enquirer Puff

Enquirer Puff

Documents
Prajwal & group - MES College - Global Compinies

Prajwal & group - MES College - Global Compinies

Education
PWN Mentoring Programpwnromania.ro/wp-content/uploads/2015/09/Mentoring-PWN... · 2015. 10. 9. · KEY PROGRAMS: Mentoring –one of the traditional initiatives of PWN, with high

PWN Mentoring Programpwnromania.ro/wp-content/uploads/2015/09/Mentoring-PWN... · 2015. 10. 9. · KEY PROGRAMS: Mentoring –one of the traditional initiatives of PWN, with high

Documents
Financial Marketing for SMBs - PWN 150424

Financial Marketing for SMBs - PWN 150424

Economy & Finance
Puff printing

Puff printing

Engineering
DevNexus 2016: Wait! Wait! Don't pwn me!

DevNexus 2016: Wait! Wait! Don't pwn me!

Technology
How I “Pwn” Your Network

How I “Pwn” Your Network

Documents
Pwn Plug User Manual - Pwnie Express

Pwn Plug User Manual - Pwnie Express

Documents
Java vulnerabilities write once, pwn anywhere

Java vulnerabilities write once, pwn anywhere

Technology
Puff billy

Puff billy

Documents
Sneha Rajguru Prajwal Panchmahalkar - DEF CON CON 26/DEF CON 26... · Sneha Rajguru Security Consultant, PayatuTechnologies Pvt Ltd. @sneharajguru Prajwal Panchmahalkar Red Team Lead

Sneha Rajguru Prajwal Panchmahalkar - DEF CON CON 26/DEF CON 26... · Sneha Rajguru Security Consultant, PayatuTechnologies Pvt Ltd. @sneharajguru Prajwal Panchmahalkar Red Team Lead

Documents
PEPPERIDGE FARM puff HOW-TO'S LEARN HOW TO ... - Puff Pastry

PEPPERIDGE FARM puff HOW-TO'S LEARN HOW TO ... - Puff Pastry

Documents
Prajwal Patil

Prajwal Patil

Engineering
Bandpass PWN PA

Bandpass PWN PA

Documents
Quick and Easy Puff recipes - All Butter Puff Pastry

Quick and Easy Puff recipes - All Butter Puff Pastry

Documents
Panther Puff

Panther Puff

Documents
Azeri puff

Azeri puff

Documents
Prior Written Notice (PWN) - ASEC Compliance 14... · • A prior written notice (PWN) is required whenever the ... Points of Clarification • The PWN for an IEP documents the actions

Prior Written Notice (PWN) - ASEC Compliance 14... · • A prior written notice (PWN) is required whenever the ... Points of Clarification • The PWN for an IEP documents the actions

Documents
Pwn the Pwn Plug - DEF CON...Pwn the Pwn Plug: Analyzing and Counter-Attacking Attacker-Implanted Devices Wesley McGrew Assistant Research Professor Mississippi State University Center

Pwn the Pwn Plug - DEF CON...Pwn the Pwn Plug: Analyzing and Counter-Attacking Attacker-Implanted Devices Wesley McGrew Assistant Research Professor Mississippi State University Center

Documents
Presentation Prajwal 19122014

Presentation Prajwal 19122014

Documents
Księgarnia PWN: Merriam-Webster's Advanced Learner's

Księgarnia PWN: Merriam-Webster's Advanced Learner's

Documents