I N D E X

A

active information gathering, 18–26
ActiveX control, malicious, 184

add_group_user

 command, 89, 279

Add/Remove Windows Components, 

Windows Components Wizard

, 269

Address Resolution Protocol (ARP), 

175–176

add_user

 command, 89, 279

Administrator 

user account, 83

Adobe file format exploit, 141, 175
Adobe Flash, zero-day vulnerability, 

110, 146

advanced service enumeration, 19

airbase-ng

 component, 179

-C 30

 option, 179

-v

 option, 179

Aircrack-ng

 

website, 179

airmon-ng start wlan0

 command, 179

anonymous logins, 

scanner/ftp/

anonymous

, 29

antivirus

avoiding detection from, 99–108

creating stand-alone binaries with 

msfpayload

, 100–101

encoding with 

msfencode

, 102–103

using custom executable tem-

plates, 105–107

using multi-encoding, 103–104
using packers, 107–108

processes, killing, 282

APACHE_SERVER

 flag, 137

API (application programming inter-

face), for Meterpreter scripts, 
241–244

base API calls, 242
Meterpreter mixins, 242–244
printing output, 241–242

Arduino interface, 159

armitage

, 11–12

ARP (Address Resolution Protocol), 

175–176

assembly languages, 216
attack vectors, 17, 136
Attempt SQL Ping and Auto Quick 

Brute Force option, Fast-Track, 
169–171

Aurora attack vector, 146
Authentication Mode, SQL Server, 270

autoexploit.rc

 file, 73

Automatic Targeting option, 62
Automatic Updates option, 

Windows XP, 269

Autopwn Automation menu, 164

autopwn 

exploits, 181

Autopwn tool, using results in, 56

autorun.inf

 file, 157

auxiliary class, 129
auxiliary modules, 123–133

anatomy of, 128–133
defined, 8
in use, 126–128

Auxiliary 

run

 method, 31

Auxiliary::Scanner

 mixin, 31

B

back

 command, 58

backdoored executable, 106

background

 command, 86, 279

Back|Track

downloading, 267–268
updating, 272–274

bad characters

avoiding, 13
and creating exploits, 210–213

banner grabbing, 19, 36