Packt+ | Advance your knowledge in tech

You're reading from Mastering Metasploit With this tutorial you can improve your Metasploit skills and learn to put your network's defenses to the ultimate test. The step-by-step approach teaches you the techniques and languages needed to become an expert.

Product type Paperback

Published in May 2014

Publisher Packt

ISBN-13 9781782162223

Length 378 pages

Edition Edition

Tools

Metasploit

Concepts

Penetration Testing

Author (1):

Nipun Jaswal

View More author details

Table of Contents (17) Chapters

Mastering Metasploit

Credits

About the Author

About the Reviewers

www.PacktPub.com

Preface

1. Approaching a Penetration Test Using Metasploit FREE CHAPTER

2. Reinventing Metasploit

3. The Exploit Formulation Process

4. Porting Exploits

5. Offstage Access to Testing Services

6. Virtual Test Grounds and Staging

7. Sophisticated Client-side Attacks

8. The Social Engineering Toolkit

9. Speeding Up Penetration Testing

10. Visualizing with Armitage

Index

Exploiting browsers

Web browsers are used primarily for surfing the Web. However, an outdated web browser can compromise the entire system. Clients may never use the preinstalled web browser and choose one based on their preference. However, the default preinstalled web browser can still lead to various attacks on it. Exploiting a browser by finding vulnerabilities in the browser components is browser-based exploitation.

Note

For more information on various browser-based vulnerabilities, refer to Mozilla Firefox-based vulnerabilities at http://www.cvedetails.com/product/3264/Mozilla-Firefox.html?vendor_id=452.

Also, refer to Internet Explorer-based vulnerabilities at http://www.cvedetails.com/product/9900/Microsoft-Internet-Explorer.html?vendor_id=26.

The workings of the browser autopwn attack

Metasploit offers browser autopwn, a special automatic attack vector that tests various browsers in order to find vulnerabilities in it and exploit the same. To understand the working of this method, let...