Thread: The 'Catch-22' Situation of Metasploit

  1. #1
    Member
    Join Date
    May 2007
    Posts
    53

    The 'Catch-22' Situation of Metasploit

    I started playing with the Metasploit framework recently, and something struck me.

    In my noob mind, the following statement is true.

    In order to successfully roll out an exploit on a target computer, one would need to know what kind of services the target computer is running (does it have iTunes installed? Does it have Winamp installed? What version of IE is it running? etc.).

    And in order to find out what kind of services the target computer is running, one needs access and privileges enough to find that information out in the first place...

    Ipso facto... if you are able to find out what services a computer is running, then you've no need for all aspects of a Metasploit exploit.

    So you are kind of chasing your own tail.

    Can anyone point out my failings / inaccuracies / edumacate me?

  2. #2
    Senior Member shamanvirtuel
    Join Date
    Mar 2010
    Location
    Somewhere in the "Ex" human right country
    Posts
    2,988

    Yep,
    you can easily detect which service is running with some app vuln scanners, or simply nmap scan for it.

    You don't need to have access to the victim.

    Did this answer your question?
    Watch your back, your packetz will belong to me soon... xD

    BackTrack :
    Giving Machine Guns to Monkeys since 2006

  3. #3
    Developer balding_parrot
    Join Date
    May 2007
    Posts
    3,399

    Learn your common and target applications' port numbers.
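The two replies above make the same point: you learn what runs on the target by talking to its ports from the outside, not by logging in. What follows is an added example, not code from this thread or from nmap, that shows the idea behind `nmap -sV` in miniature: connect, read the banner, match it against a signature list, and fall back to the well-known-port table only when no banner is available. The port table, the signature regexes and the sample banners are all constructed for this example (the real nmap-services and nmap-service-probes files are far larger); the 8080 sample is there to show that a banner beats a port number, since nothing in the port table says "http" for 8080.

```python
import re
import socket

# Constructed port-to-service table: a small subset of the kind of mapping
# nmap-services carries, enough for the example (not the real file).
COMMON_PORTS = {
    21: "ftp", 22: "ssh", 25: "smtp", 80: "http", 110: "pop3",
    143: "imap", 443: "https", 445: "microsoft-ds", 3306: "mysql",
    3389: "ms-wbt-server",
}

# Banner signatures, also constructed for the example: (regex, service).
# Named groups pull out the product and version where the banner leaks them.
BANNER_SIGNATURES = [
    (re.compile(rb"^SSH-(?P<proto>\d\.\d)-(?P<product>[A-Za-z]+)[_-](?P<version>[\w.]+)"), "ssh"),
    (re.compile(rb"^HTTP/\d\.\d \d{3}.*?\r\nServer: (?P<product>[A-Za-z-]+)(?:/(?P<version>[\w.]+))?", re.S), "http"),
    (re.compile(rb"^220[ -].*?(?P<product>ProFTPD|vsFTPd|Pure-FTPd|FileZilla Server)\s*(?P<version>[\w.]+)?", re.S), "ftp"),
    (re.compile(rb"^220[ -].*?ESMTP\s+(?P<product>Postfix|Exim|Sendmail)(?:\s+(?P<version>[\w.]+))?"), "smtp"),
]


def _text(value):
    return None if value is None else value.decode("ascii", "replace")


def fingerprint(port, banner):
    """Name the service behind a port from its banner, falling back to the
    port table. 'basis' records which one the answer rests on: a banner is
    evidence, a port number is only a convention."""
    for regex, service in BANNER_SIGNATURES:
        m = regex.match(banner)
        if m:
            g = m.groupdict()
            return {"service": service, "product": _text(g.get("product")),
                    "version": _text(g.get("version")), "basis": "banner"}
    return {"service": COMMON_PORTS.get(port, "unknown"), "product": None,
            "version": None, "basis": "port"}


def grab_banner(host, port, timeout=3.0):
    """Open a TCP connection and collect whatever the service says first.
    SSH, FTP and SMTP greet the client on their own; HTTP waits for a
    request, so a harmless HEAD is sent if the first read returns nothing."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        s.settimeout(timeout)
        try:
            data = s.recv(1024)
        except socket.timeout:
            data = b""
        if not data:
            s.sendall(b"HEAD / HTTP/1.0\r\nHost: " + host.encode("ascii") + b"\r\n\r\n")
            try:
                data = s.recv(2048)
            except socket.timeout:
                data = b""
    return data


def scan(host, ports):
    """Fingerprint each open port on host; closed or filtered ports are skipped."""
    results = []
    for port in ports:
        try:
            banner = grab_banner(host, port)
        except OSError:
            continue
        results.append((port, fingerprint(port, banner)))
    return results


if __name__ == "__main__":
    # Constructed banners (not captured from any real host) so the example
    # runs offline; against a live box you would call scan(host, ports).
    samples = [
        (22, b"SSH-2.0-OpenSSH_7.4\r\n"),
        (21, b"220 ProFTPD 1.3.5 Server (Debian) [::ffff:10.0.0.5]\r\n"),
        (25, b"220 mail.example.com ESMTP Postfix\r\n"),
        (8080, b"HTTP/1.1 200 OK\r\nServer: Apache/2.4.41 (Ubuntu)\r\n\r\n"),
        (80, b""),
    ]
    for port, banner in samples:
        print(port, fingerprint(port, banner))
```

The product and version strings are exactly what you would feed into `search` inside msfconsole to pick a module, which is why the `basis` field matters: a port-only guess tells you which probes to try next, not which exploit to fire.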

  4. #4
    Developer
    Join Date
    Mar 2007
    Posts
    6,124

    Also, the iTunes vulnerability is a reverse shell type of exploit, so the user has to click on the link in order for the exploit to work. This would be well suited for a malicious web page situation. A malicious hacker could craft his own iTunes page with all sorts of links, songs, warez... whatever related to iTunes. This usually attracts greedy people. Then you hide 8 or 10 instances of your link on the page and wait for a victim. You would be absolutely astonished at the results. Remember, this is only an example of how a malicious hacker could use Metasploit, in an attempt to answer your question.
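The lure described in the post above has a recognisable shape: one external target repeated many times on the page, most copies hidden so the visitor cannot avoid landing on one. The check below is an added example, not code from the thread, for the defender's side of that picture: it parses a page, collects every anchor, tracks whether the anchor or any enclosing element is hidden (by the `hidden` attribute or a handful of inline-style fragments), and reports targets that are hidden anywhere or repeated at least `min_repeats` times. The list of hiding styles is a heuristic chosen for this example, and `SAMPLE_PAGE` is a constructed page, not a capture of any real site.

```python
from collections import defaultdict
from html.parser import HTMLParser
from urllib.parse import urlparse

# Inline-style fragments that make an element invisible. Heuristic list,
# chosen for this example; whitespace is stripped before matching.
HIDDEN_STYLE_MARKERS = ("display:none", "visibility:hidden", "font-size:0",
                        "opacity:0", "left:-9999px")

# Elements with no closing tag, so they must not be pushed on the stack.
VOID_TAGS = {"area", "base", "br", "col", "embed", "hr", "img", "input",
             "link", "meta", "source", "track", "wbr"}


class LinkCollector(HTMLParser):
    """Collects every <a href> together with whether it, or any ancestor,
    is hidden by the `hidden` attribute or an inline style."""

    def __init__(self):
        super().__init__()
        self.links = []          # dicts: href, hidden, text
        self._stack = []         # (tag, hidden) for open elements
        self._hidden_depth = 0   # how many open ancestors are hidden
        self._current = None

    @staticmethod
    def _is_hidden(attrs):
        style = (attrs.get("style") or "").replace(" ", "").lower()
        return "hidden" in attrs or any(m in style for m in HIDDEN_STYLE_MARKERS)

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        if tag not in VOID_TAGS:
            hidden = self._is_hidden(attrs)
            self._stack.append((tag, hidden))
            self._hidden_depth += hidden
        if tag == "a" and attrs.get("href"):
            self._current = {"href": attrs["href"],
                             "hidden": self._hidden_depth > 0, "text": ""}

    def handle_data(self, data):
        if self._current is not None:
            self._current["text"] += data

    def handle_endtag(self, tag):
        if tag == "a" and self._current is not None:
            self._current["text"] = self._current["text"].strip()
            self.links.append(self._current)
            self._current = None
        if tag in VOID_TAGS or all(t != tag for t, _ in self._stack):
            return
        while self._stack:                     # pop back to the matching open tag
            t, hidden = self._stack.pop()
            self._hidden_depth -= hidden
            if t == tag:
                break


def find_suspicious_links(html, min_repeats=3):
    """Group anchors by href and report targets that are hidden anywhere or
    repeated at least min_repeats times. Sorted: most hidden copies first."""
    collector = LinkCollector()
    collector.feed(html)
    collector.close()
    by_href = defaultdict(list)
    for link in collector.links:
        by_href[link["href"]].append(link)
    findings = []
    for href, items in by_href.items():
        hidden = sum(1 for i in items if i["hidden"])
        if hidden or len(items) >= min_repeats:
            findings.append({"href": href, "host": urlparse(href).netloc,
                             "total": len(items), "hidden": hidden})
    return sorted(findings, key=lambda f: (-f["hidden"], -f["total"]))


# Constructed page mimicking the lure described above; not a real site.
SAMPLE_PAGE = """<html><body>
<h1>Free iTunes song downloads!</h1>
<p>Grab the <a href="http://tracker.example/get.pls">latest playlist</a> here.</p>
<div style="display: none">
  <a href="http://tracker.example/get.pls">download</a>
  <a href="http://tracker.example/get.pls">download</a>
</div>
<a href="http://tracker.example/get.pls" style="font-size:0px">.</a>
<img src="logo.png"><br>
<a href="http://tracker.example/get.pls"><img src="cover.jpg"></a>
<p><a href="https://www.apple.com/itunes/">Official iTunes site</a></p>
<a href="http://tracker.example/get.pls" hidden>mirror</a>
</body></html>"""

if __name__ == "__main__":
    for finding in find_suspicious_links(SAMPLE_PAGE):
        print(finding)
```

On the sample page the tracker link is reported with six copies, four of them hidden, while the single visible link to the official site is not reported at all. Styles applied from external stylesheets are not seen by this parser, so a page that hides links through a class name would need a rendered DOM (a headless browser) rather than the raw HTML.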

  5. #5
    Member
    Join Date
    May 2007
    Posts
    53

    @shamanvirtuel
    Yes, thank you shaman, this clears up my understanding.

    @baldingparrot
    Roger wilco...

    @purehate
    Legalities and ethics aside, that's a very interesting idea. Basically you are attracting flies to a honey pot.

    Onward ever upward.

  6. #6
    Developer
    Join Date
    Mar 2007
    Posts
    6,124

    If you're really interested in Metasploit, here's some light reading:

    http://www.amazon.com/Metasploit-Pen.../dp/1597490741
