Tuesday, March 29, 2011

A penetration test by Metasploit and see the alarm monitoring in Snort

In the previous episode we saw how to do adjust Snort, but we did not see it if working or not, and today we monitor the results when attack Windows XP with metasploit in Video.


 Metasploit


The Metasploit Project is an open-source computer security project which provides information about security vulnerabilities and aids in penetration testing and IDS signature development. Its most well-known sub-project is the Metasploit Framework, a tool for developing and executing exploit code against a remote target machine. Other important sub-projects include the Opcode Database, shellcode archive, and security research.

http://en.wikipedia.org/wiki/Metasploit_Project 

 ms08_067_netapi

This module exploits a parsing flaw in the path canonicalization code of NetAPI32.dll through the Server Service. This module is capable of bypassing NX on some operating systems and service packs. The correct target must be used to prevent the Server Service (along with a dozen others in the same process) from crashing. Windows XP targets seem to handle multiple successful exploitation events, but 2003 targets will often crash or hang on subsequent attempts. This is just the first version of this module, full support for NX bypass on 2003, along with other platforms, is still in development.

Usage information




More Information about this exploit


Video





No comments:

Post a Comment