You're reading from Mastering Metasploit Exploit systems, cover your tracks, and bypass security controls with the Metasploit 5.0 framework

Product type Paperback

Published in Jun 2020

Publisher Packt

ISBN-13 9781838980078

Length 502 pages

Edition 4th Edition

Languages

Tools

Metasploit

Concepts

Penetration Testing

Author (1):

Nipun Jaswal

View More author details

Table of Contents (17) Chapters

Preface

1. Section 1 – Preparation and Development

2. Chapter 1: Approaching a Penetration Test Using Metasploit FREE CHAPTER

3. Chapter 2: Reinventing Metasploit

4. Chapter 3: The Exploit Formulation Process

5. Chapter 4: Porting Exploits

6. Section 2 – The Attack Phase

7. Chapter 5: Testing Services with Metasploit

8. Chapter 6: Virtual Test Grounds and Staging

9. Chapter 7: Client-Side Exploitation

10. Section 3 – Post-Exploitation and Evasion

11. Chapter 8: Metasploit Extended

12. Chapter 9: Evasion with Metasploit

13. Chapter 10: Metasploit for Secret Agents

14. Chapter 11: Visualizing Metasploit

15. Chapter 12: Tips and Tricks

16. Other Books You May Enjoy

Leave a review - let other readers know what you think

Post-exploitation with RailGun

RailGun sounds like a top-notch gun spitting out bullets faster than light; however, this is not the case. RailGun allows you to make calls to a Windows API without the need to compile your own DLL. It supports various Windows DLL files and eases the way for us to perform system-level tasks on the victim machine. Let's see how we can perform various tasks using RailGun, and carry out some advanced post-exploitation with it.

Manipulating Meterpreter through Interactive Ruby Shell

RailGun requires the irb shell to be loaded into Meterpreter. Let's look at how we can jump to the irb shell from Meterpreter:

Figure 2.26 – Running the irb shell from Meterpreter

We can see in the preceding screenshot that merely typing in irb from Meterpreter allows us to drop in the Ruby-interactive shell. We can perform a variety of tasks with the Ruby shell from here. Metasploit also informs us that the client variable...