Subscription

Explore Products

Best Sellers

New Releases

Books

Videos

Audiobooks

Learning Hub

Conferences

Free Learning

You're reading from Mastering Metasploit Take your penetration testing and IT security skills to a whole new level with the secrets of Metasploit

Product type Paperback

Published in May 2018

Publisher Packt

ISBN-13 9781788990615

Length 492 pages

Edition 3rd Edition

Languages

Python

Tools

Metasploit

Concepts

Penetration Testing

Author (1):

Nipun Jaswal

View More author details

Table of Contents (14) Chapters

Preface

1. Approaching a Penetration Test Using Metasploit

2. Reinventing Metasploit FREE CHAPTER

3. The Exploit Formulation Process

4. Porting Exploits

5. Testing Services with Metasploit

6. Virtual Test Grounds and Staging

7. Client-Side Exploitation

8. Metasploit Extended

9. Evasion with Metasploit

10. Metasploit for Secret Agents

11. Visualizing with Armitage

12. Tips and Tricks

13. Other Books You May Enjoy

Leave a review - let other readers know what you think

Maintaining access using vulnerabilities in common software

The DLL search order hijacking/DLL planting technique is one of my favorite persistence-gaining methods in achieving long-time access while evading the eyes of the administrators. Let's talk about this technique in the next section.

DLL search order hijacking

As the name suggests, the DLL search order hijacking vulnerability allows an attacker to hijack the search order of DLLs loaded by a program and will enable them to insert a malicious DLL instead of a legit one.

Mostly, software, once executed, will look for DLL files in its current folder and System32 folder. However, sometimes the DLLs, which are not found in its current directory, are then searched in...

The rest of the chapter is locked

A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.

Unlock this book and the full library FREE for 7 days

Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of

Start free trial

Renews at $19.99/month. Cancel anytime

Authors (1)

Nipun Jaswal

Nipun Jaswal is an international cybersecurity author and an award-winning IT security researcher with more than a decade of experience in penetration testing, Red Team assessments, vulnerability research, RF, and wireless hacking. He is presently the Director of Cybersecurity Practices at BDO India. Nipun has trained and worked with multiple law enforcement agencies on vulnerability research and exploit development. He has also authored numerous articles and exploits that can be found on popular security databases, such as PacketStorm and exploit-db. Please feel free to contact him at @nipunjaswal.

See other products by Nipun Jaswal