Automation of Post-exploitation

(Focused on MS-Windows Targets)
  • Mohammad Tabatabai Irani
  • Edgar R. Weippl
Part of the Communications in Computer and Information Science book series (CCIS, volume 58)

Abstract

Pentesting is becoming an important activity even for smaller companies. One of the most important economic pressures is the cost of such tests. In order to automate pentests, tools such as Metasploit can be used. Post-exploitation activities, however, cannot be automated easily. Our contribution is to extend Meterpreter scripts so that post-exploitation can be scripted. Moreover, using a multi-step approach (pivoting), we can automatically exploit machines that are not directly routable: once the first machine is exploited, the script automatically launches an attack on the next machine, and so on.

Keywords

Pentesting security exploits 

Copyright information

© Springer-Verlag Berlin Heidelberg 2009

Authors and Affiliations

  • Mohammad Tabatabai Irani (1)
  • Edgar R. Weippl (1)
  1. Secure Business Austria, Vienna, Austria