3 min
Metasploit
How Metasploit's 3-Step Quality Assurance Process Gives You Peace Of Mind
Metasploit exploits undergo a rigorous 3-step quality assurance process so you
have the peace of mind that exploits will work correctly and not affect
production systems on your next assignment.
Step 1: Rapid7 Code Review
Many of the Metasploit exploits are contributed by Metasploit's community of
over 175,000 users, making Metasploit the de-facto standard for exploit
development. This is a unique ecosystem that benefits all members of the
community because every Metasploit user is a “sensor
3 min
Exploits
5 Tips to Ensure Safe Penetration Tests with Metasploit
Experienced penetration testers know what to look out for when testing
production systems so they don't disrupt operations. Here's our guide to ensure
smooth sailing.
Vulnerabilities are unintentional APIs
In my warped view of the world, vulnerabilities are APIs that weren't entirely
intended by the developer. They hey are also undocumented and unsupported. Some
of these vulnerabilities are exploited more reliably than others, and there are
essentially three vectors to rank them:
* Exploit s
4 min
Exploits
November Exploit Trends: Apache Killer Exploit New to List
This month was a quiet one on the Metasploit Top Ten List. Each month we compile
a list of the most searched exploit and auxiliary modules from our exploit
database [http://www.metasploit.com/modules/]. To protect user's privacy, the
statistics come from analyzing webserver logs of searches, not from monitoring
Metasploit usage.
The only new addition to the list this month is an old Apache Killer exploit.
Read on for the rest of November's exploit and auxiliary modules with commentary
by Meta
2 min
Authentication
Free Scanner for MySQL Authentication Bypass CVE-2012-2122
The MySQL authentication bypass vulnerability (CVE-2012-2122) - explained in
detail in HD Moore's blog post
[/2012/06/11/cve-2012-2122-a-tragically-comedic-security-flaw-in-mysql] - was
the cause for much concern when it was first discovered. In response, we've
created a new vulnerability scanner for CVE-2012-2122 called ScanNow
[http://www.rapid7.com/free-security-software-downloads/MySQL-vulnerability-scanner-CVE-2012-2122.jsp]
, which enables you to check your network for vulnerability to thi
1 min
Metasploit
Webcast: Decrease Your Risk of a Data Breach - Effective Security Programs with Metasploit
Thanks for the many CISOs and security engineers who attended our recent
webcast, in which I presented some practical advice on how to leverage
Metasploit to conduct regular security reviews that address current attack
vectors. While Metasploit is often used for penetration testing projects, this
presentation focuses on leveraging Metasploit for ongoing security assessments
that can be achieved with a small security team to reduce the risk of a data
breach.
This webcast is now available for o
4 min
Exploits
Exploit Trends: New Microsoft and MySQL Exploits Make the Top 10
The new Metasploit exploit trends are out, where we give you a list of the top
10 most searched Metasploit exploit and auxiliary modules from our exploit
database (DB) [http://www.metasploit.com/modules/]. These stats are collected by
analyzing searches on metasploit.com in our webserver logs, not through usage of
Metasploit, which we do not track for privacy reasons.
In June 2012, we also have three new entries on the list, and seven existing
contenders. Here they are, annotated with Tod Bea
2 min
Mentoring Junior Red Team Members with Metasploit Pro
Penetration testers are not born, they're made, and we all had to start
somewhere. So how do you bring new team members up to speed, mentoring them into
a new role? Metasploit users in red teams and consulting organizations often
tell me that they like to leverage the Metasploit Pro team collaboration feature
for this purpose.
Metasploit Pro is accessed through a web interface that is available not only on
the local host but also across the network (personal firewall rules permitting).
As a r
2 min
Metasploit
Creating a PCI 11.3 Penetration Testing Report in Metasploit
PCI DSS Requirement 11.3 requires that you "perform penetration testing at least
once a year, and after any significant infrastructure or application upgrade or
modification". You can either conduct this PCI penetration test in-house
[/2011/10/20/pci-diy-how-to-do-an-internal-pentest-to-satisfy-pci-dss-requirement-113]
or hire a third-party security assessment. Metasploit Pro offers a PCI reporting
template, which helps you in both of those cases. If you are conducting the
penetration test in
4 min
Metasploit
How to Create Custom Reports in Metasploit
Metasploit Pro has a powerful reporting engine with many standard reports but
also great ways to build your own reports. Custom reports can help you if in a
couple of different ways:
* Add your logo and corporate design to reports
* Change the way reports display the information
* Translate a reporting template to your local language
* Create new reports for regional compliance needs
A custom report is a report that you use template to generate. You can generate
a custom report with a te
4 min
Exploits
Exploit Trends: CCTV DVR Login Scanning and PHP CGI Argument Injection
Last month, we gave you a list of the top 10 most searched Metasploit exploit
and auxiliary modules from our exploit database (DB)
[https://www.rapid7.com/db/]. These stats are collected by analyzing searches on
metasploit.com in our webserver logs, not through usage of Metasploit, which we
do not track for privacy reasons.
We were curious how the list changed month over month, and now we have the first
results for May 2012. As expected, most exploits only moved around a little but
we also ha
2 min
Metasploit
Webcast: Don't Pick the Lock, Steal the Key - Password Auditing With Metasploit
David Maloney's webcast for for network administrators and security engineers is
now available online. David discusses weaknesses in password-based
authentication on clients and servers and how to audit these as part of a
regular security program.
What you'll learn in this webcast
* Password storage systems and password obfuscation
* Strengths and weaknesses of the various approaches
* Real-life examples of badly implemented password authentication mechanisms
* How to audit passwords on
4 min
Metasploit
Can't Exploit Machines? A Metasploit Troubleshooting How To
It can be very frustrating to try exploiting machines and not succeeding,
especially if your vulnerability report is showing a lot of vulnerabilities on
the hosts you are trying to exploit. This is usually due to one of the following
reasons:
1. Not all reported vulnerabilities are exploitable. It may be because a
firewall or IPS/IDS is successfully stopping the attack, or simply because
your vulnerability scanner reported a false positive.
2. Your Metasploit machine or network connec
3 min
Metasploit
Using BackTrack 5 R2 with Metasploit Community or Metasploit Pro
As of version 5 R2, BackTrack comes pre-installed with Metasploit 4.1.4, so it's
now easier to use Metasploit Community Edition or Metasploit Pro on BackTrack.
Here is how it's done:
* After BackTrack boots, enter startx to get into the UI.
* Install BackTrack in a virtual machine using the Install BackTrack icon in
the top left corner. This is recommended so that Metasploit remembers its
product key; otherwise, you would have to register Metasploit each time.
* Log in with user root,
4 min
Metasploit
Top 10 Most Searched Metasploit Exploit and Auxiliary Modules
At Rapid7, we often get asked what the top 10 Metasploit modules are. This is a
hard question to answer: What does "top" mean anyway? Is it a personal opinion,
or what is being used in the industry? Because many Metasploit users work in
highly sensitive environments, and because we respect our users' privacy, the
product doesn't report any usage reports back to us.
We may have found a way to answer your questions: We looked at our
metasploit.com web server stats, specifically the Metasploit A
1 min
Networking
A Penetration Test is Quality Assurance for Your Security Controls
“We've spent all this money on IT security and you're still telling me that you
don't know whether our systems are secure?” your CEO might say. In addition,
they may challenge that you should know your systems well enough to know their
weaknesses? Not really.
Let's say you're a manufacturer of widgets. Even if you have the best machine
and the brightest people working for you, you'll still want to ensure that the
widgets that leave the factory will work as expected to ensure high customer
sat