Archive for the ‘Metasploit’ Category

Pwning Common Backdoors and Botnets with Metasploit

Friday, February 26th, 2016

Pwning Common Backdoors and Botnets with Metasploit

From the post:

The Metasploit Framework has a lot of exploit modules including buffer overflow attacks, browser exploits, web application vulnerabilities, backdoor exploits, bot pwnage tools, etc. Exploit developers and contributors to the framework have shared a wide variety of interesting and very useful stuffs.

For this article, we will talk about utilizing Metasploit to hack and take over common backdoors and botnets. We will not go into all of the modules, but we will be mentioning some modules that could be of use to your future penetration testing job or work. We will not be doing exploit development so no need to get your debuggers and code editors.

If you are new to using Metasploit Framework particularly with the msfconsole (command-line interface of the framework) then you don’t need to worry because this is a simple step by step guide also on how to use an exploit module. One of the things needed for this tutorial is that you have Metasploit installed on your attacker machine thus I would advise you to have Kali Linux or maybe BackBox Linux which are penetration testing distributions and have Metasploit pre-installed.

For our target machine, I also suggest that you install Metasploitable 2 on your favorite virtualization platform like VMWare or VirtualBox. Metasploitable 2 is a vulnerable Ubuntu Linux virtual machine which is good for practicing your Metasploit-fu skills because it is built to be insecure and to be your pet.

Except for U.S. Presidential primaries and their “debates,” one of which was captured by closed-captioning as:


most of the major sports are between seasons.

No better time than the present to begin acquiring and/or polishing your Metasploit skills!

The Insecure Internet of Things (IIoT) requires the digital equivalent of a “church key” for entry:


but there are more sophisticated (and lucrative) targets.