INDEX
291
rules for, 244
scraper
, 93–94
token impersonation with, 87–89
upgrading command shell to, 95–97
Meterpreter shell, 68, 156
Microsoft IIS, vulnerability in WebDAV
implementations, 127
Microsoft Security Bulletin
MS10-002, 116
Microsoft SQL Attack Tools menu,
MSSQL Bruter, 168
Microsoft SQL Server
attacking, 76–78
brute forcing, 78–79
getting command execution on,
186–187
injection with Fast-Track tool, 164–174
manual injection, 167–168
MSSQL Bruter, 168–172
POST parameter attack, 166–167
query string attack, 165–166
SQLPwnage
, 172–174
targeted scanning for, 27–28
on Windows XP, 269–271
Microsoft SQL Tools option, 165, 172
Microsoft Windows–based payloads, 60
Microsoft Windows
CreateSizedDIBSECTION
Stack Buffer Overflow, 119
migrate
command, 82, 92–93
migrate -f
command, 119
migrate
PID
command, 278
Mitnick, Kevin, 248
Mixed-mode authentication, MSSQL
Bruter, 168
mixins
defined, 31
for Meterpreter scripts, 242–244
modules, 185–196
and code reuse, 196
creating, 189–196
converting from hex to binary,
192–194
counters in, 194–195
running exploit, 195–196
running Shell exploit, 190–192
using PowerShell, 189–190
defined, 8
exploring, 187–188
getting command execution on
Microsoft SQL, 186–187
modules
directory, 191
MS08-067 exploit, 59, 60, 67, 96
ms08_067_netapi
module, 10, 59
MS11-006 exploit, 119
MSF (Metasploit Framework).
See
Meta-
sploit Framework (MSF)
Msf::Auxiliary::Scanner
mixin, 32
MSF binary payload, 185
msfbook
database, 20, 24
msf exploit(
ms08_067_netapi
) prompt, 60
msfcli
, 9–11, 86, 281
msfconsole
, 9, 20, 32, 37, 42
customizing
msfconsole
, 255–257
commands for, 275–277
info
, 63
save
, 64
set
and
unset
, 63
setg
and
unsetg
, 64
show auxiliary
, 58
show exploits
, 58
show options
, 58–60
show payloads
, 60–62
show targ
, 62–63
customizing, 255–257
running NeXpose within, 43–44
running
nmap
from, 24–25
testing exploits, 220
msfconsole -r karma
.rc command, 180
msf.doc
file, 120
msfencode
, 13, 102–103, 280
msfencode -h
command, 13, 102, 280
Msf::Exploit::Remote::Seh
mixin, 228
Msf::Exploit::Remote::Tcp
mixin, 32, 219
Msf::Exploit::Remote::Udp
mixin, 228
msf MS08-067
prompt, 62
msfpayload
, 12–13
commands for, 280
creating binaries with, 100–101
msfpayload
command, 103, 112
msfpayload -h
command, 13, 280
msfpescan
command, 206
msf
prompt, 59
msfupdate
command, 274
::Msf::Util::EXE.to_win32pe
function, 246
Msf::Util::EXE.to_win32pe(framework,
payload.encoded)
option, 192
msfvenom
, 108, 281
MSSQL Bruter
, Microsoft SQL injection,
168–172
MSSQL Bruter
option, 169
mssql_commands.rb
file, 188
mssql_exec
auxiliary module, 187