This repository contains my work on privilege escalation using Metasploit. I used Metasploit, the all-around pentest framework, to launch exploits against victim machines (Windows 7, Windows 10, Linux, Android) running in VirtualBox.
- Exploit
- Payloads
Simply put, an exploit is a way of gaining access to a system through a security flaw and taking advantage of that flaw, in other words, exploiting it. Exploits normally take the form of a piece of software, a snippet of code or a script. They are often delivered as part of an exploit kit, which is a collection of exploits. Metasploit distinguishes two types of exploit module: Active Exploits and Passive Exploits.
Active exploits will exploit a specific host, run until completion, and then exit.
- Brute-force modules will exit when a shell opens from the victim.
- Module execution stops if an error is encountered.
- You can force an active module to the background by adding ‘-j’ to the exploit command.
Passive exploits wait for incoming hosts and exploit them as they connect.
- Passive exploits almost always focus on clients such as web browsers, FTP clients, etc.
- They can also be used in conjunction with email exploits, waiting for connections.
- Passive exploits report shells as they happen; the resulting sessions can be enumerated by adding ‘-l’ to the sessions command. Passing ‘-i’ will interact with a shell.
A payload is the code that runs on the target once an exploit succeeds; it is what actually gives the attacker a shell, a Meterpreter session or some other foothold on the device. There are three different types of payload modules in the Metasploit Framework: Singles, Stagers, and Stages. Whether or not a payload is staged is represented by the ‘/’ in the payload name. For example, windows/shell_bind_tcp is a single payload with no stage, whereas windows/shell/bind_tcp consists of a stager (bind_tcp) and a stage (shell).
Singles are payloads that are self-contained and completely standalone. A Single payload can be something as simple as adding a user to the target system or running calc.exe. These kinds of payloads are self-contained, so they can be caught with non-Metasploit handlers such as netcat.
Stagers set up a network connection between the attacker and victim and are designed to be small and reliable. It is difficult to always achieve both, so the result is multiple similar stagers. Metasploit will use the best one when it can and fall back to a less-preferred one when necessary.
Stages are payload components that are downloaded by Stager modules. Because a stage is fetched over the connection the stager opened, it is not bound by the size limits of the exploit, so stages can provide advanced features such as Meterpreter, VNC Injection, and the iPhone ipwn Shell.
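The naming rule above (a single payload is one component after the platform, a staged payload is stage/stager) is easy to check by hand for the two examples, but a small parser makes it reliable when triaging a long list of payload names, for example from `show payloads` output or from a detection that logged the module name. The following is an added example, not part of this repository or of Metasploit; it generalizes the page's rule by also accepting an optional architecture component (the ARCH_COMPONENTS set is my assumption) and reports whether a payload is self-contained enough to be caught by a non-Metasploit handler such as netcat, as the text notes for singles.

```python
"""Classify Metasploit payload module names as single or staged.

Rule from the text: 'windows/shell_bind_tcp' is a single (one component
after the platform); 'windows/shell/bind_tcp' is stage 'shell' delivered by
stager 'bind_tcp'. Example code, not Metasploit's own implementation.
"""
from dataclasses import dataclass
from typing import Optional

# Assumption: architecture components that may sit between the platform
# and the payload proper, e.g. windows/x64/meterpreter/reverse_tcp.
ARCH_COMPONENTS = {"x86", "x64", "aarch64", "armle", "mipsle", "mipsbe"}


@dataclass(frozen=True)
class PayloadName:
    platform: str
    arch: Optional[str]
    stage: str               # the code that ultimately runs on the target
    stager: Optional[str]    # None for a single payload

    @property
    def staged(self) -> bool:
        return self.stager is not None

    @property
    def catchable_by_generic_handler(self) -> bool:
        # Singles are self-contained, so a plain listener (netcat) suffices;
        # staged payloads need a handler that can serve the stage.
        return not self.staged


def parse_payload_name(name: str) -> PayloadName:
    """Split 'platform[/arch]/stage[/stager]' into its parts.

    Covers the native and Meterpreter layouts described on the page; other
    module trees (e.g. cmd/unix/*) follow different conventions.
    """
    parts = name.strip().strip("/").split("/")
    if len(parts) < 2 or any(not p for p in parts):
        raise ValueError(f"not a payload module name: {name!r}")
    platform, rest = parts[0], parts[1:]
    arch = None
    if len(rest) >= 2 and rest[0] in ARCH_COMPONENTS:
        arch, rest = rest[0], rest[1:]
    if len(rest) == 1:                      # single: no '/' after platform/arch
        return PayloadName(platform, arch, rest[0], None)
    if len(rest) == 2:                      # staged: stage/stager
        return PayloadName(platform, arch, rest[0], rest[1])
    raise ValueError(f"unexpected payload layout: {name!r}")
```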
- Privilege Escalation using Metasploit
- Evading Antivirus with Better Meterpreter Payloads
- Exploitation With An Image
- Exploitation using Winrar with ace file
- Exploitation using VLC with mkv files
https://linuxsecurityblog.com/2018/11/12/payload-in-pdf/
https://linuxsecurityblog.com/2020/02/09/regex-cheat-sheet/
https://linuxsecurityblog.com/2019/11/20/how-to-fully-anonymize-your-ip/
https://linuxsecurityblog.com/2019/11/14/gaining-access-to-windows10-through-vlc-exploit/
https://securityboulevard.com/2020/02/evading-antivirus-with-better-meterpreter-payloads/