Metasploit Modülleri: Zafiyetler

Zafiyetler ve Modüller

MS09-067: Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (972652)
exploit/windows/fileformat/ms09_067_excel_featheader
Kaynak site:
http://eromang.zataz.com/2011/02/06/ms09-067-microsoft-excel-malformed-featheader-record-vulnerability/

MS11-058: Vulnerabilities in DNS Server Could Allow Remote Code Execution (2562485)
Kaynak site:
http://blogs.technet.com/b/srd/archive/2011/08/09/vulnerabilities-in-dns-server-could-allow-remote-code-execution.aspx
http://technet.microsoft.com/en-us/security/bulletin/ms11-058

Bazı Metasploit Modülleri

Metasploit Modülleri

Hedef Sistemlerdeki Belgeleri Çekme Modülü
post/windows/gather/int_doc_find
Kaynak site:
http://pentestn00b.wordpress.com/2012/06/19/metasploit-post-module-interesting-documents-finder/

Bypass UAC (User Account Control) with Metasploit
post/windows/escalate/bypassuac
Kaynak site:
http://www.youtube.com/watch?feature=player_embedded&v=JzBw_949Qac#!
http://pauldotcom.com/2012/02/dumping-cleartext-credentials.html

Otomatik olarak çoklu modül ile çalışmak
post_auto.rb
Kaynak site:
https://github.com/darkoperator/Metasploit-Plugins/blob/master/post_auto.rb

Setting SYSTEM's proxy settings with Metasploit
enum_proxy
clone_proxy_settings
Kaynak site:
http://www.room362.com/blog/2012/10/21/setting-systems-proxy-settings-with-metasploit.html

Hedef Sistemin Komut Satırına Bağlanma
exploit/windows/smb/psexec
Kaynak site:
http://www.offensive-security.com/metasploit-unleashed/PSExec_Pass_The_Hash

Hedef Sistemde Son Kullanan Dokümanları Listeleme
 post/windows/gather/dumplinks
Kaynak site:
http://www.offensive-security.com/metasploit-unleashed/Windows_Post_Gather_Modules#dumplinks