Post Exploitation & Meterpreter Scripting - Metasploit

Metasploit has become the king of the tools used in penetration testing. It is built from a collection of the available exploits. The
tool has its pros and cons; some of its advantages are:

  • It automates the process of penetration testing

  • Fast (it requires less time)

  • Reliable

  • It offers a lot of advanced features that we will discuss step by step
As a comparison between the automatic and manual approaches to penetration testing and vulnerability assessment: the automatic process is fast, but in some cases it does not give the desired result. Manual testing is slow but more precise, and we cannot neglect it. As far as disadvantages go, Metasploit does not really have one, except that automatic tools do not always work. The point is that Metasploit only has the exploits that are available to it. If the server's software is fully patched, then Metasploit will fail. (There are many ways of using Metasploit; here, "fail" means failing to exploit an available vulnerability.) In that case we will need to perform a manual test to find a 0-day vulnerability, and this is the weakness of Metasploit. However, Metasploit is a hot topic among penetration testers and many advances have been made; the security community is currently working to make Metasploit even more useful.

Metasploit is based on a module system. From this point onward I will assume that you are familiar with the basic usage of Metasploit: msfconsole, Meterpreter, and the exploit, payload and auxiliary modules.

Post Exploitation

The main objective in discussing post exploitation is to cover Meterpreter scripting. Post exploitation is the technique, method, procedure or standard used to identify and monitor a target host and to find a way of accessing it again in the future.

What is post exploitation? Why is post exploitation important? These questions matter for understanding the phenomenon, so let us suppose you have successfully hacked (compromised) a host, but you want to use this session at some later time. It is not good practice to start everything all over again; moreover, what if you fail next time? Therefore, the best method is to prepare the compromised system for the next use. The other phase of post exploitation is to use the compromised host as an attacker machine and to attack some other host or network via this compromised machine. Consider the picture below:



The diagram above shows the importance of post exploitation. Suppose that an attacker has successfully compromised victim A and now wants to reach the web server, which sits on the same network as victim A. Attacking a host on the same network is much easier than a remote attack, so instead of attacking the web server remotely the attacker can use victim A as their own machine to attack the network. This is what is known as the post exploitation phase.

To conclude, the post exploitation phase is the process of:
  • Infrastructure analysis
  • Routing analysis
  • Protocol analysis
  • DNS server analysis
  • ARP analysis
  • Proxy server analysis
  • Host machine analysis (virtual or real host)
  • Services and software analysis
  • Sharing analysis
  • Directory, name server and certificates analysis
  • Backup and patch management analysis

To be continued:
This is the introductory part of the article, discussing the foundations of post exploitation. In the next article of this series we will discuss the practice of Meterpreter scripting. Stay updated and do not forget to share.


Ehacking Staff