Metasploit mailing list archives

Metasploit Penetration Testing Examples


From: patrick at aushack.com (Patrick Webster)
Date: Sun, 24 Jun 2007 22:56:52 +1000

Hi jag,

Metasploit is a framework for developing exploits. While it supports the
autopwn automation of system penetration, traditionally it would not be
considered a complete penetration test.

As you've already mentioned, a pen-test may include things such as:

Info gathering
* searching of public directories, IP address space registrars for port
scanning, technical mailing lists (*@target-company.com),
google for information of interest (e.g. site: www.target-company.com "mysql
errors")
* examining the target website and html comments.
* specific targeting of certain individuals (e.g. the IT manager)
* social engineering (e.g. account password reset)
* PABX style attacks (voice mail PIN of 1234) and calling all numbers to
check for electronic answering devices such as modem or fax.
* checking routers, firewalls, target OS
* outsourcing of IT functions.

Once you've gathered enough information, you can then start targeted attacks
(this is where metasploit comes in handy) etc to reach your goal...

You'd then typically write a pretty report with an executive summary and
technical findings/recommendations for management.

As you can see, pen-testing is too broad a subject to be handled completely
by MSF. Take a look at the Hacking Exposed book Table of Contents (I
couldn't find anything else) for some ideas:

http://search.barnesandnoble.com/booksearch/isbninquiry.asp?z=y&ean=9780072260816&displayonly=TOC


The closest you'd get to a report in MSF is:

sessions -l -v

which lists all the open sessions and what module resulted in the successful
exploitation. But there is nothing stopping you writing a reporting module
for metasploit!

-Patrick
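An added example of the reporting module Patrick mentions (not his code and not a module shipped with Metasploit): the report rendering is plain Ruby and runs stand-alone on constructed sample sessions, while the wrapper that registers a `session_report` console command assumes the Msf::Plugin and console-dispatcher API, the `framework.sessions` table and the session attributes `via_exploit`, `via_payload` and `session_host`.

```ruby
# Added example (not Patrick's, not shipped with Metasploit): rendering is plain Ruby; the plugin wrapper only activates inside msfconsole.
module SessionReport
  # Constructed record carrying the fields that `sessions -l -v` prints.
  Session = Struct.new(:id, :type, :host, :via_exploit, :via_payload, :info)
  # Map each exploit module to the unique hosts it yielded a session on.
  def self.by_exploit(sessions)
    sessions.each_with_object(Hash.new { |h, k| h[k] = [] }) do |s, acc|
      acc[s.via_exploit] << s.host unless acc[s.via_exploit].include?(s.host)
    end
  end
  # Executive summary (counts per module) followed by one finding per session.
  def self.render(sessions)
    groups = by_exploit(sessions)
    lines = ['Executive summary',
             "  #{sessions.map(&:host).uniq.size} host(s) compromised via #{groups.size} exploit module(s)"]
    groups.each { |mod, hosts| lines << "  #{mod}: #{hosts.join(', ')}" }
    lines << 'Technical findings'
    sessions.sort_by(&:id).each do |s|
      lines << "  [#{s.id}] #{s.host} #{s.type} via #{s.via_exploit} (#{s.via_payload}) #{s.info}"
    end
    lines.join("\n")
  end
end
# Constructed sample sessions standing in for a live framework.sessions table.
SAMPLE = [
  SessionReport::Session.new(1, 'meterpreter', '10.0.0.5', 'exploit/constructed/svc_overflow', 'windows/meterpreter/reverse_tcp', 'SYSTEM @ WS01'),
  SessionReport::Session.new(3, 'shell', '10.0.0.7', 'exploit/constructed/web_rce', 'cmd/unix/reverse', 'www-data'),
  SessionReport::Session.new(2, 'meterpreter', '10.0.0.7', 'exploit/constructed/svc_overflow', 'windows/meterpreter/reverse_tcp', 'SYSTEM @ WS02')
]
puts SessionReport.render(SAMPLE) if $PROGRAM_NAME == __FILE__
# Plugin wrapper (assumed API: Msf::Plugin, add_console_dispatcher, framework.sessions and the
# Msf::Session attributes via_exploit, via_payload, session_host). Save as session_report.rb and `load` it.
if defined?(Msf::Plugin)
  class Msf::Plugin::SessionReport < Msf::Plugin
    class Dispatcher
      include Msf::Ui::Console::CommandDispatcher
      def name; 'session_report'; end
      def commands; { 'session_report' => 'Render open sessions as a report' }; end
      def cmd_session_report(*_args)
        recs = framework.sessions.map do |id, s|
          SessionReport::Session.new(id, s.type, s.session_host, s.via_exploit, s.via_payload, s.info)
        end
        print_line(SessionReport.render(recs))
      end
    end
    def initialize(framework, opts); super; add_console_dispatcher(Dispatcher); end
    def cleanup; remove_console_dispatcher('session_report'); end
    def name; 'session_report'; end
  end
end
```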
