Digital Bond

Metasploit Basics – Part 3: Pivoting and Interfaces

July 12, 2010 by Charles Perine

There are two aspects of Metasploit that I would like to cover today. The first is pivoting, a topic I mentioned in a previous post, and the second is the way a user interfaces with Metasploit. Pivoting allows an attacker to use a compromised system to attack other systems on the same network. For example, if an attacker compromises a web server on a corporate network, the attacker can then use the compromised web server to attack other systems on the network.

Pivoting is a powerful tool that allows Metasploit to penetrate deep into a network. Core Security’s Core Impact and Immunity Inc.’s CANVAS have this feature as well. The Metasploit version of pivoting is not quite as clean as Core Impact’s, but for the price (free) it works well enough. Of all the payloads included in Metasploit, the only one that supports pivoting is the Meterpreter.
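From the defender's side, the web server scenario above appears in flow logs as a server that suddenly opens connections to internal hosts outside its normal set of peers. The following is an added example, not code from the original post, that flags that pattern; the flow records, addresses, peer baseline and thresholds are all constructed assumptions.

```python
import ipaddress
from collections import defaultdict

# Constructed flow records: (time_s, src_ip, dst_ip, dst_port). All values hypothetical.
FLOWS = [
    (0, "203.0.113.50", "10.0.1.10", 80),   # internet client -> web server
    (5, "10.0.1.10", "10.0.2.5", 3306),     # web server -> its database (expected)
    (60, "10.0.1.10", "10.0.2.21", 445),    # web server -> new internal targets
    (61, "10.0.1.10", "10.0.2.22", 445),
    (62, "10.0.1.10", "10.0.2.23", 445),
    (63, "10.0.1.10", "10.0.2.24", 3389),
    (70, "10.0.2.30", "10.0.2.5", 3306),    # unrelated internal traffic
]
INTERNAL = ipaddress.ip_network("10.0.0.0/8")
# Assumed baseline: internal peers each monitored server is expected to contact.
ALLOWED_PEERS = {"10.0.1.10": {("10.0.2.5", 3306)}}


def find_pivot_candidates(flows, allowed=ALLOWED_PEERS, window=300, threshold=3):
    """Map each monitored server to the unexpected internal (dst, port) pairs it
    contacted, if it reached >= threshold distinct ones within `window` seconds."""
    unexpected = defaultdict(list)
    for ts, src, dst, port in flows:
        if src not in allowed or (dst, port) in allowed[src]:
            continue  # not a monitored server, or a baseline connection
        if ipaddress.ip_address(dst) in INTERNAL:
            unexpected[src].append((ts, dst, port))

    alerts = {}
    for server, events in unexpected.items():
        events.sort()
        start = 0
        for end in range(len(events)):
            # Shrink the window until it spans at most `window` seconds.
            while events[end][0] - events[start][0] > window:
                start += 1
            if len({(d, p) for _, d, p in events[start:end + 1]}) >= threshold:
                alerts[server] = sorted({(d, p) for _, d, p in events})
                break
    return alerts


if __name__ == "__main__":
    for server, targets in find_pivot_candidates(FLOWS).items():
        print(f"possible pivot from {server}: {targets}")
```

In practice the baseline would come from observed traffic rather than a hand-written allowlist, and the window and threshold need tuning to the network.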

Metasploit has a few interfaces which can be used when attacking a system. The Metasploit framework provides a web interface, a GUI, the msfconsole and the msfcli. For those who are new to Metasploit, the web interface is the simplest way to get comfortable with the layout.

  • The web interface, shown below, is fairly easy to use. The attacker loads the interface on his machine. He then searches for the appropriate exploit, payload and options. Once the attack is launched, the built-in console can be used to interact with the compromised host.
  • The Metasploit GUI, shown below, is similar in function to the web interface, though less polished. The attacker can search for and select an exploit, choose a payload, set the options and run the exploit without much knowledge of the underlying commands necessary to run Metasploit. The current GUI is no longer supported, but there is a new GUI provided with Metasploit Express, which is a product sold by Rapid7.
  • The msfconsole is a very powerful interface to Metasploit and it is the most often used interface. Typically an attacker will use the basic options, selecting an exploit, a payload and the options. There are many other commands that can be run from the msfconsole but they are beyond the scope of this article.
  • The msfcli is run from the command line. The attacker sets all arguments on the command line and executes the command. A shell, Meterpreter shell or VNC window will spawn after the exploit has been performed.

In my next installment, I’ll show an exploit I wrote for an application and how it can be leveraged in an attack.
