Automation of Post-exploitation

Irani, Mohammad Tabatabai; Weippl, Edgar R.

doi:10.1007/978-3-642-10847-1_31

Mohammad Tabatabai Irani⁵ &
Edgar R. Weippl⁵

Part of the book series: Communications in Computer and Information Science ((CCIS,volume 58))

Included in the following conference series:

International Conference on Security Technology

817 Accesses

Abstract

Pentesting is becoming an important activity even for smaller companies. One of the most important economic pressures is the cost of such tests. In order to automate pentests, tools such as Metasploit can be used. Post-exploitation activities can, however, not be automated easily. Our contribution is to extend Meterpreter-scripts so that post-exploitation can be scripted. Moreover, using a multi-step approach (pivoting), we can automatically exploit machines that are not directly routable: Once the first machine is exploited, the script continues to then automatically launch an attack on the next machine, etc.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 39.99; Price excludes VAT (USA)

Softcover Book: USD 54.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

References

[Bag08] Bagget, M.: Effectiveness of antivirus in detecting metasploit payloads. SANS Institute (2008)
Google Scholar
[EPW04] Essmayr, W., Probst, S., Weippl, E.: Role-based access controls: Status, dissemination, and prospects for generic security mechanisms. Electronic Commerce Research (2004)
Google Scholar
[Met] Metasploit, http://www.metasploit.com/
[MMC+07] Maynor, D., Mookhey, K.K., Cervini, J., Roslan, F., Beaver, K.: Metasploit Toolkit For Penetration Testing. SYNGRESS Press (2007)
Google Scholar
[Rem] Remote, http://www.nologin.org/downloads/papers/remote-library-injection.pdf

Download references

Author information

Authors and Affiliations

Secure Business Austria, Favoritenstr. 16, A-1040, Vienna, Austria
Mohammad Tabatabai Irani & Edgar R. Weippl

Authors

Mohammad Tabatabai Irani
View author publications
You can also search for this author in PubMed Google Scholar
Edgar R. Weippl
View author publications
You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

University of Warsaw & Infobright Inc.,, Poland
Dominik Ślęzak
Hannam University, 306-791, Daejeon, South Korea
Tai-hoon Kim
National Chiao Tung University, Hsinchu, Taiwan
Wai-Chi Fang
Mississippi State University, Mississippi State MS, USA
Kirk P. Arnett

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Irani, M.T., Weippl, E.R. (2009). Automation of Post-exploitation. In: Ślęzak, D., Kim, Th., Fang, WC., Arnett, K.P. (eds) Security Technology. SecTech 2009. Communications in Computer and Information Science, vol 58. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-10847-1_31

Download citation

DOI: https://doi.org/10.1007/978-3-642-10847-1_31
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-10846-4
Online ISBN: 978-3-642-10847-1
eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics