Posts by webpwnized

0 min Metasploit

Tutorial: Importing nmap XML into Metasploit Community Edition

nmap reporting is excellent with the XML option, but this is not used in a lot of cases. The XML output from nmap can be imported into other tools such as the Metasploit Community Edition (Import button), the Metasploit DB, and other tools. Also, the XML format can be opened in a web browser to produce a well-formatted report suitable for attachment to a pen-test.

1 min Metasploit

Tutorial: How to forward connection through meterpreter shell to reach internal web server

This video covers accessing a web site that is normally unreachable from our Backtrack 5 box. However, after gaining a session on a third box, we forward our web browser through the compromised host in order to browse the website. The port forwarding is done via a meterpreter session on the compromised host. After setting up the port forward, the browser is able to use the compromised host as a relay (almost like a web proxy) in order to browse to the "internal" web application.

0 min Metasploit

Tutorial: Using Metasploit Community Edition built-in exploit analysis

In previous versions of Metasploit it was possible to run "db_autopwn -t -x" in the msfconsole in order to have Metasploit guess the best exploits for a given vulnerability. This video looks at alternative functionality for the deprecated "db_autopwn -t -x" option in older versions of Metasploit's msfconsole. Metasploit Community Edition has similar exploit analysis functionality accessible via the web-based GUI.

0 min Metasploit

Tutorial: How to use export "hashdumped" creds to jtr

This video shows how to have the hashdump post-exploitation module automatically populate the creds table in the Metasploit database, then export the credentials to a file suitable to pass to the John the Ripper tool in order to audit the passwords. Hu

0 min Metasploit

Tutorial: How to import Nessus scan into Metasploit Community Edition

This video covers importing the completed Nessus scan into Metasploit Community Edition.

1 min

Tutorial: Using web command injection to gain remote desktop on Windows web server

In this video, a reasonably hardened Windows web server is hosting Mutillidae, a deliberately vulnerable web application. Mutillidae contains a web command injection. A Backtrack host is also running on the same network (VirtualBox Host Only network). Using command injection, remote desktop access (RDP) is gained to a Windows web server. The web server is configured with a firewall protecting the RDP port. Also, the RDP service is not running and is disabled. Registry settings are set to keep RDP'