Thread: Metasploit Firewall

  1. #1
    Member
    Join Date: Jan 2010
    Posts: 102

    Metasploit Firewall

    I've been playing around with msf and have had success with 2-3 different exploits, and it's fine when my firewall on my XP SP2 machine is down, but I'm wondering how vulnerable is SP2 with its firewall on? And are there any attacks that can be launched with it on?

    Also, I'm having trouble finding a Vista exploit other than a DoS attack, has anyone had success with this?

  2. #2
    Super Moderator lupin
    Join Date: Jan 2010
    Posts: 2,943

    Re: Metasploit Firewall

    You might want to do some reading on how a firewall as well as various types of exploits work.

    A firewall filters traffic based on a set of rules. Traffic that meets one set of rules is allowed, and traffic that meets another set of rules is not allowed.

    Remote exploits (exploits that are launched from one attacking system against one or more victim systems over a network) use network traffic to exploit a system.

    If you want to know whether a particular remote exploit will work against a firewalled system, you need to know what traffic the firewall allows and what traffic the remote exploit uses to attack the system. Based on that advice I'm sure you can do the research to determine which traffic must be allowed through the firewall for a particular exploit to work. (Hint: do a packet capture of the exploit if you don't already know what service/port it contacts).

    This is a Metasploit exploit that allows remote code execution vulnerability on Vista SP1 and SP2.
    Capitalisation is important. It's the difference between "Helping your brother Jack off a horse" and "Helping your brother jack off a horse".

    The Forum Rules, Forum FAQ and the BackTrack Wiki... learn them, love them, live them.

  3. #3
    Member
    Join Date: Jan 2010
    Posts: 102

    Re: Metasploit Firewall

    Thanks, I'll set up a Wireshark capture and try some out.

    My only question is, once I find out which traffic is allowed on a certain service/port, say 445 microsoft-ds for example, with the firewall on, I will still have to use the same module but just adjust my payload? Correct? Also I don't think I have the skill set to start making my own payloads to suit... will that be required?

  4. #4
    Super Moderator lupin
    Join Date: Jan 2010
    Posts: 2,943

    Re: Metasploit Firewall

    Quote: Originally Posted by MassAppeal
    Thanks, I'll set up a Wireshark capture and try some out.

    My only question is, once I find out which traffic is allowed on a certain service/port, say 445 microsoft-ds for example, with the firewall on, I will still have to use the same module but just adjust my payload? Correct? Also I don't think I have the skill set to start making my own payloads to suit... will that be required?

    Depends if the firewall is blocking the initial exploit or the payload. If you are using an exploit that attacks Microsoft file sharing on port 445, the firewall needs to allow the traffic you are sending to port 445 for the exploit to work at all, regardless of payload. If the payload you send with that exploit attempts to create a listening shell on port 443, then your traffic to port 443 needs to be allowed by the firewall. If your traffic to port 445 is allowed but your traffic to port 443 is not, then changing the payload to something that would be allowed by the firewall would help, but if your traffic sent to port 445 is not allowed then the exploit won't work.
    Capitalisation is important. It's the difference between "Helping your brother Jack off a horse" and "Helping your brother jack off a horse".

    The Forum Rules, Forum FAQ and the BackTrack Wiki... learn them, love them, live them.
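
Added example, not part of the thread: the point made in post #4, that the firewall judges each inbound connection on its own, modelled as a default-deny exception list that a defender can audit. The policy, addresses and function names are constructed for illustration and are not an export of a real Windows Firewall configuration.

```python
"""Which unsolicited inbound connections does a host firewall's exception list admit?"""
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class InboundException:
    name: str
    proto: str          # "tcp" or "udp"
    ports: frozenset    # destination ports opened by this exception
    scope: str          # CIDR of the sources the exception applies to


def admits(exceptions, src_ip, proto, dst_port):
    """Return the name of the exception that admits the flow, or None (default deny)."""
    src = ipaddress.ip_address(src_ip)
    for exc in exceptions:
        if (exc.proto == proto and dst_port in exc.ports
                and src in ipaddress.ip_network(exc.scope)):
            return exc.name
    return None


def audit(exceptions, src_ip, flows):
    """Evaluate each (proto, port) flow independently, as the firewall does."""
    return {flow: admits(exceptions, src_ip, *flow) for flow in flows}


# Constructed policy: file sharing is reachable from the local subnet only.
POLICY = [
    InboundException("File and Printer Sharing", "tcp",
                     frozenset({139, 445}), "192.168.1.0/24"),
    InboundException("File and Printer Sharing", "udp",
                     frozenset({137, 138}), "192.168.1.0/24"),
]

# The two inbound connections named in the post: one to 445, a later one to 443.
FLOWS = [("tcp", 445), ("tcp", 443)]

if __name__ == "__main__":
    for src in ("192.168.1.50", "203.0.113.7"):   # on-subnet vs. off-subnet source
        for (proto, port), rule in audit(POLICY, src, FLOWS).items():
            verdict = f"ALLOWED by '{rule}'" if rule else "BLOCKED (no exception)"
            print(f"{src} -> {proto}/{port}: {verdict}")
```

With this policy, an exception's scope matters as much as its port: the same 445 exception that admits a local-subnet source admits nothing from outside it, and 443 stays closed either way.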

  5. #5
    Member
    Join Date: Jan 2010
    Location: The new forums
    Posts: 462

    Re: Metasploit Firewall

    Some good info on Metasploit: Metasploit Unleashed - Mastering the Framework
