Posts tagged Linux

6 min Exploits

Compromising Embedded Linux Routers with Metasploit

Normally we don't get a lot of contributions regarding embedded devices. Even when they are an interesting target from the pentesting point of view, and is usual to find them out of DMZ zones on corporate networks. Maybe it's because access to these devices or the software running in top of them is not so easy. Maybe because usually they are based on MIPS architectures which hasn't get so much attention as x86 or ARM architectures. Or maybe because it's not so easy always to run the their softwa

3 min Metasploit

Weekly Update: Introducing Metasploit 4.5.3

Version bump to Metasploit 4.5.3 This week, we've incremented the Metasploit version number by one trivial point to 4.5.3 -- this was mainly done to ensure that new users get the fixes for the four [https://groups.google.com/forum/?fromgroups=#!topic/rubyonrails-security/4_QHo4BqnN8] most [https://groups.google.com/forum/?fromgroups=#!topic/rubyonrails-security/KZwsQbYsOiI] recent [https://groups.google.com/forum/?fromgroups=#!topic/rubyonrails-security/zAAU7vGTPvI] vulnerabilities [https

3 min Metasploit

Metasploit Now Supports Kali Linux, the Evolution of BackTrack

Today, our friends at Offensive Security announced Kali Linux [http://www.kali.org/offensive-security-introduces-kali-linux/], which is based on the philosophy of an offensive approach to security. While defensive solutions are important to protect your network, it is critical to step into the shoes of an attacker to see if they're working. Kali Linux is a security auditing toolkit that enables you just that: test the security of your network defenses before others do. Kali is a free, open sour

5 min Product Updates

Update to the Metasploit Updates and msfupdate

The Short Story In order to use the binary installer's msfupdate, you need to first register your Metasploit installation. In nearly all cases, this means visiting https://localhost:3790 [https://localhost:3790/] and filling out the form. No money, no dense acceptable use policy, just register and go. Want more detail and alternatives? Read on. Background A little over a year ago, Metasploit primary development switched to Git [/2011/11/10/git-while-the-gitting-is-good] as a source control p

3 min Metasploit

Using BackTrack 5 R3 with Metasploit Community or Metasploit Pro

Update: Kali Linux now superseded BackTrack as a platform. We strongly recommend using Kali Linux over BackTrack if you are going to run Metasploit. More info here [/2013/03/13/metasploit-now-supports-kali-linux-the-evolution-of-backtrack] . As of version 5 R3, BackTrack comes pre-installed with Metasploit 4.4, so it's now easier to use Metasploit Community Edition or Metasploit Pro on BackTrack. Here is how it's done: * After BackTrack boots, enter startx to get into the UI. * Install Bac

3 min Metasploit

Using BackTrack 5 R2 with Metasploit Community or Metasploit Pro

As of version 5 R2, BackTrack comes pre-installed with Metasploit 4.1.4, so it's now easier to use Metasploit Community Edition or Metasploit Pro on BackTrack. Here is how it's done: * After BackTrack boots, enter startx to get into the UI. * Install BackTrack in a virtual machine using the Install BackTrack icon in the top left corner. This is recommended so that Metasploit remembers its product key; otherwise, you would have to register Metasploit each time. * Log in with user root,

6 min Nexpose

Integrating Nexpose Community and Metasploit Community in Backtrack 5 R2

I recently packaged up the new Nexpose release so that Backtrack users can have an up-to-date version of Nexpose, straight from the Backtrack repos. This seemed like a great time to also go over installing Nexpose Community and integrating it with the already-installed Metasploit Community. 1. Getting Started Before we get started, I would recommend grabbing a copy of Backtrack 5 R2 64-bit. The machine you want to use will need to have at a minimum 2GB of RAM and at least 5GB space on the hard

5 min Metasploit

Adventures in the Windows NT Registry: A step into the world of Forensics and Information Gathering

As of a few days ago [https://github.com/rapid7/metasploit-framework/pull/98], the Metasploit Framework has full read-only access to offline registry hives. Within Rex you will now find a Rex::Registry namespace that will allow you to load and parse offline NT registry hives (includes Windows 2000 and up), implemented in pure Ruby. This is a great addition to the framework because it allows you to be sneakier and more stealthy while gathering information on a remote computer. You no longer need

2 min Metasploit

More Fun with BSD-derived Telnet Daemons

In my last post [/2011/12/28/bsd-telnet-daemon-encrypt-key-id-overflow], I discussed the recent BSD telnetd vulnerability and demonstrated the scanner module added to the Metasploit Framework. Since then, two new exploit modules have been released; one for FreeBSD versions 5.3 - 8.2 [https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/freebsd/telnet/telnet_encrypt_keyid.rb] and another for Red Hat Enterprise Linux 3 [https://github.com/rapid7/metasploit-framework/blob/ma

3 min Metasploit

Installing Metasploit Community Edition on BackTrack 5 R1

Update: I just published a new blog post for using Metasploit on BackTrack 5 R2 [/2012/05/30/install-metasploit-on-backtrack]. BackTrack 5 R1 comes pre-installed with Metasploit Framework 4.0. Unfortunately, Metasploit Community, which brings a great new Web UI and other functionality, was introduced in version 4.1, so it's not included by default. Updating Metasploit Framework using the msfupdate command will not install the Web UI. In addition, BT5 only makes the development trunk available,

2 min Linux

Offensive Security = Backtrack Linux + Metasploit Pro

This week the guys over at Offensive Security [http://www.offensive-security.com/] officially added Metasploit Pro [http://www.rapid7.com/products/metasploit-pro.jsp] to their curriculum for the class Pentration Testing with Backtrack [http://www.offensive-security.com/online-information-security-training/penetration-testing-backtrack/] . For those not familiar with it, BackTrack [http://www.backtrack-linux.org/] is a Linux distribution that includes a lot of tools for penetration testing. Since