292
INDEX
MSSQL Injector option, 165
mssql_login
module, 78–79
mssql_payload
exploit, and
PowerShell, 189
mssql_payload
module, 79–80
mssql_ping
module, 27, 77–78
mssql_powershell
module, 185
mssql_powershell.rb
file, 189, 191, 195
mssql.rb
file, 188, 191, 192, 195
Mudge, Raphael, 11
multi-attack vector, 153–157
Multi-Attack Web Method
option, SET
main menu, 154
multi-encoding, 103–104
multi-handler, Meterpreter sessions, 239
multi-handler listener, 120
multi/handler
module, 100–101, 249
multi/http/tomcat_mgr_deploy
exploit, 261
multi_meter_inject
command, 235, 237
Muts, 226
N
Nano,
CTRL
-W shortcut, 188
nasm shell
, 13–14
nasm_shell.rb
utility, 13
NAT (Network Address Translation), 25
Nessus, 44–51
Add button, 45, 47
Bridge plug-in, 49–50
Browse button, 47
configuring, 44–45
creating scan policy, 45–47
Discovered Assets section, 40
General settings, 46
Home Feed, 44
importing report from, 48–49
Launch Scan button, 47
nessus_connect
command, 50
.nessus
file format, 48
nessus_help
command, 49
nessus_report_get
command, 50
nessus_report_list
command, 50
nessus_scan_new
command, 50
nessus_scan_status
command, 50
Nessus window, 44–45
Plugins page, 46
Policies tab, 45
Preferences page, 47
reports in, 47–48
running scan, 47
scanning from within Metasploit,
49–51
Scans tab, 45, 47
Submit button, 47, 48
Users tab, 45
netcat
listener, 32, 36
Netcraft, passive information gathering
using, 17
Netgear switch, 30
net localgroup administrators metasploit
/ADD
command, 187
netstat -an
command, 114
net user
command, 85
NetWin SurgeMail 3.8k4-4
vulnerability, 197
Network Address Translation (NAT), 25
Network Connections Control Panel,
Windows XP, 269
Network Service account, 271
New Database option, SQL Server Man-
agement Studio Express, 272
New Login option, User Properties
window, 272
New Table option, SQL Server Manage-
ment Studio Express, 272
NeXpose, 37–44
Administration tab, 37
Assets tab, 37
configuring, 37–42
Community edition, 37
Credentials tab, 38
Devices tab, 38
Home tab, 39
importing report from, 42–43
NeXpose Simple XML Export
option, 41
New Login button, 38
New Manual Scan button, 39
New Report button, 41
New Site button, 38
New Site wizard, 39
Report Configuration wizard, 42
Report format field, 41
running within
msfconsole
, 43–44
Scan Progress section, 40
Scan Setup tab, 38
Select Devices dialog, 42
Select Sites button, 41
Start New Scan dialog, 39
Start Now button, 39
Test Login button, 38
Vulnerabilities tab, 37
nexpose_connect -h
command, 43
nexpose_scan
, 43