weclome to ic0de.ws Check here


Thread Rating:
  • 1 Vote(s) - 4 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Basic terminology used in MSF
#1
~ Basics Terms used in Metasploit  ~
 
Payload : Payload is a piece of code or a binary We run on a remote target to get full control over target machine. lets use a classic RATs example attacker crafts Darkcomet server and binds it to a innocent looking file and sends the file to target. Once the server is executed on target machine it connects back to attackers C2C. Now attacker can capturing keystrokes , run local exploits to get persistence etc.
 
listener : Listener in Metaspliot handles connections form the targeted machine. example after the server file is executed on target it dials back to attacker IP address and desired port
 
Module : Modules are nothing but plugins which help you run exploit modules ,scanning modules for example attacker has complete access on target machine he can run ping_sweep  module to determine active ip address on a intranet.
 
Exploit : Exploit is nothing but a security flaw in remote machine it can be webAPP exploit or local software exploit. Here attacker takes advantage of the exploit to gain access .Example attackers finds SQLI vulnerablity on a website he can eventually dump entire DB or users, passwords ,sensitive info etc..
[Image: BezlSXT.gif]
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)