You can register an iTabCode account to be able to view iTabCode without ads. ( Registration is Free ) Register Now

metasploit framework

  1. x32x01

    Metasploit - The MSF

    Metasploit Framework (MSF) is the most widely used and very popular open source tool for pentesting. Metasploit Framework was first developed by HD Moore in 2001. Previously Metasploit was written in Perl; in 2007, it was totally rewritten in ruby and then in October 21, 2009 rapid7 acquired...
  2. x32x01

    Metasploit - Automation of Metasploit

    There are many ways automation in Metasploit. We are discussing about resource script in our tutorial. A resource script is actually a bunch of commands that runs in an automatic way when the scripts loaded. Metasploit already have a set of preconfigured scripts that is very useful in...
  3. x32x01

    Metasploit - Setting Up Databases

    In our Kali Linux environment we need to set our databases before we use the database function in Metasploit. To do that we need to start postgresql database server by using following command: service postgresql start Following screenshot shows that postgresql service has been started...
  4. x32x01

    Scan Web Applications Using Metasploit

    In penetration testing and bug bounty fields, scanning a website for vulnerabilities is the most crucial part. In our previous articles we had talk about some website or web application scanner like SkipFish and Wapiti, but in our this article we are going to talk about scan website using...
  5. x32x01

    [Metasploit] Upgrading Normal Command Shell to Meterpreter Shell

    The Metasploit Framework contains a suite of tools that you can use to test security vulnerabilities, enumerate networks, execute attacks, and evade detection. One of the best feature of Metasploit Framework is that you can easily upgrade your normal command shell payload into Meterpreter...
  6. x32x01

    JAVA RMI (Remote Method Invocation) Exploitation with Metasploit Framework

    The Java Remote Method Invocation, or Java RMI, is a mechanism that allows an object that exists in one Java virtual machine to access and call methods that are contained in another Java virtual machine; This is basically the same thing as a RPC, but in an object-oriented paradigm instead of a...
  7. x32x01

    15 Essential Meterpreter Commands Everyone Should Know

    A meterpreter is an advanced, stealthy, multifaceted, and dynamically extensible payload which operates by injecting reflective DLL into a target memory. Scripts and plugins can be dynamically loaded at runtime for the purpose of extending the post-exploitation activity. This includes privilege...
  8. x32x01

    Drupal 7 Exploitation with Metasploit Framework [SQL Injection]

    Drupal 7 includes a database abstraction API to ensure that queries executed against the database are sanitized to prevent SQL injection attacks. A vulnerability in this API allows an attacker to send specially crafted requests resulting in arbitrary SQL execution. Depending on the content of...
  9. x32x01

    ShellShock Vulnerability Exploitation With Metasploit Framework

    Previously we’ve well explained the Heartbleed Vulnerability which already created so much havoc and now we’ll show you a live exploitation of ShellShock Vulnerability (CVE-2014-6271) with Metasploit Framework. ShellShock Vulnerability also called Bash Bug Vulnerability which already affects...
  10. x32x01

    Hack Wi-Fi Settings of Windows Machine Remotely [After Meterpreter]

    The Metasploit framework is well known in the realm of exploit development. It is a standalone tool for security researchers, penetration testers and IDS/IPS developers. As of now, it has 1700+ exploit definitions and 215 payloads for injection – a huge database. Metasploit is a great tool, and...
  11. x32x01

    Exploit Windows with Malicious MS-OFFICE File [Metasploit Framework]

    Metasploit has for years supported encoding payloads into VBA code. (VBA, or Visual Basic for Applications, is the language that Microsoft Office macros are written in.) Macros are great for pentesters, since they don’t rely on a specific version, and they are a supported method of code...
  12. x32x01

    Find Vulnerable Webcams with Shodan [Metasploit Framework]

    As we all knows that, Shodan is one of the most popular and dangerous search engine which gives you all information from the banners and pulls from web-enabled devices like routers/switches/traffic-lights/scada/cameras etc. There are many ways to find web cams on Shodan. Usually, using the name...
  13. x32x01

    Windows 10 Exploitation with an Image [Metasploit Framework - 2021]

    Metasploit is currently the most buzzing word in the field of information security and penetration testing. It has totally revolutionized the way we can perform security tests on our systems. The reason which makes Metasploit so popular is the wide range of tasks that it can perform to ease the...
  14. x32x01

    Metasploit DB Commands [Cheatsheet 2021]

    The post exploitation phase always begins after you have compromised one or more systems but you’re not even close to being done yet. Metasploit generally offers more than one interface to its underlying functionality, including console, command line, and graphical interfaces. In addition to...
  15. x32x01

    Adding a third party Module into Metasploit Framework

    As we all knows, Metasploit Framework is one of the most popular exploitation framework. Often new modules and exploits are always developed for Metasploit on time to time by hackers and security researchers, but all are not included in base configuration or updates. For these cases, you need...
  16. x32x01

    PHP CGI Argument Injection With Metasploit Framework

    PHP is a widely-used general-purpose scripting language that is especially suited for Web development and can be embedded into HTML. When PHP is used in a CGI-based setup (such as Apache’s mod_cgid), in some configurations it’s possible to execute arbitrary code with the privileges of the web...
  17. x32x01

    MySQL Pentesting with Metasploit Framework

    Everyone who has been involved with IT for more than a few months has at least heard of MySQL. The driving force behind MySQL has been to provide a reliable, high-performance server that is easy to set up and use. MySQL is not the only free database management system; it also is not the only...
  18. x32x01

    TCP & SYN Scanning with Metasploit Framework without NMAP

    Port Scan is Often done by hackers and penetration testers to identifying and discovering internal services of target host. Port Scanning is an important action for gathering more information of the target host. Today, We will see how to use Metasploit to scan port. As we all knows Metasploit...
  19. x32x01

    Pentesting Windows 2000/2003 Server with Metasploit Framework - Detailed Tutorial

    This is a very detailed step by step tutorial on How to pentest a Remote PC (Windows 2000/2003 server) with Metasploit Framework. We’ve used Kali Linux 2021 and Windows 2000 server in a virtual environment (VMware Workstation). The ease of pen testing is scary and readers, sysadmins are advised...
  20. x32x01

    Maintaining Access with Web Backdoors [Weevely]

    Once a web server and its services have been compromised, it is important to ensure that secure access can be maintained. This is usually accomplished with the aid of a web shell—a small program that provides stealth backdoor access and allows the use of system commands to facilitate...
Top