SBM Labs

Cyber Security Collaboration Project

Metasploit vs Software Updates
13 Feb 2012

We are going to look at how an attacker can get access to a remote host if updates are not installed. First, we scan the host with Nessus Vulnerability Scanner.

There are 2 critical vulnerabilities in the scan results. Next, we use Metasploit to attack the system.
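From the defender's side, the same scan results are the patch list. The following is an added example, not part of the original post: it pulls the critical findings out of a scan export and orders hosts for patching. It assumes the scan was exported in the `.nessus` (NessusClientData_v2) XML format with severity 4 meaning critical; the hosts, plugin IDs and plugin names in the sample are constructed placeholders.

```python
import xml.etree.ElementTree as ET
from collections import defaultdict

# Constructed sample in the .nessus (NessusClientData_v2) layout; hosts,
# plugin IDs and plugin names are placeholders, not real scan output.
SAMPLE = """<NessusClientData_v2>
 <Report name="constructed-sample">
  <ReportHost name="192.0.2.10">
   <ReportItem port="445" protocol="tcp" severity="4" pluginID="900001" pluginName="placeholder critical finding A"/>
   <ReportItem port="3389" protocol="tcp" severity="4" pluginID="900002" pluginName="placeholder critical finding B"/>
   <ReportItem port="0" protocol="tcp" severity="0" pluginID="900003" pluginName="placeholder informational finding"/>
  </ReportHost>
  <ReportHost name="192.0.2.20">
   <ReportItem port="80" protocol="tcp" severity="2" pluginID="900004" pluginName="placeholder medium finding"/>
  </ReportHost>
 </Report>
</NessusClientData_v2>"""

CRITICAL = 4  # assumption: export uses the 0-4 severity scale, 4 = critical


def critical_findings(nessus_xml, min_severity=CRITICAL):
    """Return {host: [(port, protocol, plugin_id, plugin_name), ...]}."""
    root = ET.fromstring(nessus_xml)
    findings = defaultdict(list)
    for host in root.iter("ReportHost"):
        for item in host.iter("ReportItem"):
            try:
                severity = int(item.get("severity", "0"))
            except ValueError:
                continue  # skip malformed entries instead of aborting triage
            if severity >= min_severity:
                findings[host.get("name", "unknown")].append(
                    (int(item.get("port", "0")), item.get("protocol", ""),
                     item.get("pluginID", ""), item.get("pluginName", "")))
    return dict(findings)


def patch_queue(findings):
    """Hosts ordered by number of matching findings, worst first."""
    return sorted(findings, key=lambda h: (-len(findings[h]), h))


if __name__ == "__main__":
    result = critical_findings(SAMPLE)
    for host in patch_queue(result):
        print(host, "critical findings:", len(result[host]))
        for port, proto, pid, name in result[host]:
            print(f"  {proto}/{port}  plugin {pid}  {name}")
```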

As you can see, we have access to the remote host with system rights. Then we create a new user "hacker" and add it to the "Administrators" group.

It is really very easy!

Now we are going to look at Adobe Reader vulnerabilities. We will use www.metasploit.com to find an exploit.

This exploit creates a malicious PDF file that triggers a buffer overflow and executes arbitrary code when the user opens it.

Then we send the PDF file to the victim and get access to the remote host after the user opens it.

You can use www.secunia.com to get information about new vulnerabilities.

Conclusions. You should update software in order to protect your data.
