Pentesting? What is Pentesting? Why Pentesting?
1. PenTesting with Metasploit Framework
Information Security is our Forte…
Presented by: Sudarshan Pawar, Prakashchandra Suthar
Phone: +91-20-24333311
Email: beaconedutech@gmail.com
Web: http://beaconedutech.com
Address: 303, Renata Chambers, 2145, Sadashiv Peth, Pune, Maharashtra, India – 411030
2. “From 2008 Backtrack started giving machine guns to monkeys”
3. Agenda
• What is PenTesting?
• Why PenTesting?
• Traditional Methodologies
• Metasploit
• Metasploit Terminologies
• Demo
• Is Metasploit the answer?
Beacon Edutech, 12/7/2013
4. Getting Started
• What is PenTesting?
  • The art or approach of attempting to break into an authorised digital environment.
• Why PenTesting?
  • Explore your security and try to patch its weaknesses
  • Find vulnerabilities before others (bad guys) do
  • …
5. Need of Pentesting
• Millions of dollars have been invested in security programs to protect critical infrastructure to prevent data breaches.
• A penetration test is one of the most effective ways to identify weaknesses and deficiencies in these programs.
- Metasploit: The Penetration Tester’s Guide by HD Moore
9. What is Metasploit?
• Not just a tool, but an entire framework
• An open source platform for writing security tools and exploits
• Easily build attack vectors to add to its exploits, payloads and encoders
• Create and execute more advanced attacks
• Built in Ruby
13. Traditional Pentest Vs Metasploit
[Diagram comparing the two workflows. Step labels: Load Metasploit; Choose the target OS; Change Offset; Use exploit; Public Exploit Gathering; SET Payload; Replace Shellcode; Execute]
15. Metasploit Terminologies
• Exploit: The means by which a pentester takes advantage of a flaw within a system, application, or service
• Payload: Code that we want the target system to execute on our command
• Shellcode: Set of instructions used as payload when exploitation occurs
• Module: Support software that can be used by Metasploit
• Listener: A component that waits for an incoming connection
17. Meterpreter
• A.k.a. Meta Interpreter
• Post-exploitation payload (tool)
• Uses in-memory DLL injection
• Can be extended at run time
• Encrypted communication
18. What can be done
• Command execution
• File Upload/Download
• Process migration
• Log Deletion
• Privilege escalation
• Registry modification
• Deleting logs and killing antivirus
• Backdoors and Rootkits
• Pivoting
• … etc.
23. RULES…
• Group Discussion about “Pentesting with Metasploit – Yes/No”
• Rules
  • Don’t hesitate to raise a point (we are all learners)
  • No rocket science required.
  • It’s not a debate, so chill.