INDEX

rules for, 244

scraper, 93–94

token impersonation with, 87–89
upgrading command shell to, 95–97

Meterpreter shell, 68, 156
Microsoft IIS, vulnerability in WebDAV implementations, 127
Microsoft Security Bulletin MS10-002, 116
Microsoft SQL Attack Tools menu, MSSQL Bruter, 168

Microsoft SQL Server

attacking, 76–78
brute forcing, 78–79
getting command execution on, 186–187

injection with Fast-Track tool, 164–174

manual injection, 167–168
MSSQL Bruter, 168–172
POST parameter attack, 166–167
query string attack, 165–166

SQLPwnage, 172–174

targeted scanning for, 27–28
on Windows XP, 269–271

Microsoft SQL Tools option, 165, 172
Microsoft Windows–based payloads, 60
Microsoft Windows CreateSizedDIBSECTION Stack Buffer Overflow, 119
migrate command, 82, 92–93
migrate -f command, 119
migrate PID command, 278

Mitnick, Kevin, 248
Mixed-mode authentication, MSSQL Bruter, 168

mixins

defined, 31
for Meterpreter scripts, 242–244

modules, 185–196

and code reuse, 196
creating, 189–196

converting from hex to binary, 192–194

counters in, 194–195
running exploit, 195–196
running Shell exploit, 190–192
using PowerShell, 189–190

defined, 8
exploring, 187–188
getting command execution on Microsoft SQL, 186–187
modules directory, 191

MS08-067 exploit, 59, 60, 67, 96

ms08_067_netapi module, 10, 59

MS11-006 exploit, 119
MSF (Metasploit Framework). See Metasploit Framework (MSF)
Msf::Auxiliary::Scanner mixin, 32

MSF binary payload, 185

msfbook database, 20, 24
msf exploit(ms08_067_netapi) prompt, 60
msfcli, 9–11, 86, 281
msfconsole, 9, 20, 32, 37, 42
customizing msfconsole, 255–257
commands for, 275–277
info, 63
save, 64
set and unset, 63
setg and unsetg, 64
show auxiliary, 58
show exploits, 58
show options, 58–60
show payloads, 60–62
show targ, 62–63

customizing, 255–257
running NeXpose within, 43–44
running nmap from, 24–25

testing exploits, 220

msfconsole -r karma.rc command, 180
msf.doc file, 120
msfencode, 13, 102–103, 280
msfencode -h command, 13, 102, 280
Msf::Exploit::Remote::Seh mixin, 228
Msf::Exploit::Remote::Tcp mixin, 32, 219
Msf::Exploit::Remote::Udp mixin, 228
msf MS08-067 prompt, 62
msfpayload, 12–13
commands for, 280
creating binaries with, 100–101
msfpayload command, 103, 112
msfpayload -h command, 13, 280
msfpescan command, 206
msf prompt, 59
msfupdate command, 274
::Msf::Util::EXE.to_win32pe function, 246
Msf::Util::EXE.to_win32pe(framework, payload.encoded) option, 192
msfvenom, 108, 281
MSSQL Bruter, Microsoft SQL injection, 168–172
MSSQL Bruter option, 169
mssql_commands.rb file, 188
mssql_exec auxiliary module, 187