Tutorials

PHP CGI Argument Injection With Metasploit Framework

PHP is a widely-used general-purpose scripting language that is especially suited for Web development and can be embedded into HTML. When PHP is used in a CGI-based setup (such as Apache’s mod_cgid), in some configurations it’s possible to execute arbitrary code with the privileges of the web server. More about this Vulnerability –  When run […]

Tutorials

MySQL Pentesting with Metasploit Framework

Everyone who has been involved with IT for more than a few months has at least heard of MySQL. The driving force behind MySQL has been to provide a reliable, high-performance server that is easy to set up and use. MySQL is not the only free database management system; it also is not the only […]

Tutorials

HTTP PUT Method Exploitation – Live Penetration Testing

In this article, we’ll be exploiting the HTTP PUT method vulnerability on one of the Metasploitable2 webserver through which you can easily upload any malicious file onto the server and can gain the access of the whole webserver in meterpreter shell. In last article, we’ve already learnt that how to Test HTTP Methods with Curl, […]

Tutorials

TCP & SYN Scanning with Metasploit Framework without NMAP

Port Scan is Often done by hackers and penetration testers to identifying and discovering internal services of target host. Port Scanning is an important action for gathering more information of the target host. Today, We will see how to use Metasploit to scan port. As we all knows Metasploit Framework is a free and open […]

Tutorials

Armitage – In-depth Windows Exploitation (GUI) – 2017

It’s difficult to talk about any system in a vacuum, especially a system that is so widely deployed in so many roles as Windows in all of its flavors. To see how easily tools like Metasploit Framework can remotely exploit Windows vulnerability, we’ll use the GUI version of Metasploit Framework which is so called as […]

Tutorials

Pentesting Windows 2000/2003 Server with Metasploit Framework – Detailed Tutorial

This is a very detailed step by step tutorial on How to pentest a Remote PC (Windows 2000/2003 server) with Metasploit Framework. We’ve used Kali Linux 2017.1 and Windows 2000 server in a virtual environment (VMware Workstation). The ease of pen testing is scary and readers, sysadmins are advised to update their Windows 2000/2003 server […]

Tech Articles

A Brief Overview of Kali Linux Tools

Kali Linux offers a number of customized tools designed for Penetration Testing. Tools are categorized in the following groups as seen in the drop-down menu shown in the following screenshot: Information Gathering: These are Reconnaissance tools used to gather data on your target network and devices. Tools range from identifying devices to protocols used. Examples: […]

Tutorials

DKMC – Another Wonderful Malicious Payload Evasion Tool (Windows Hacking)

Windows would be one of our common targets, since it is the most used operating system in the corporate environment. Since most of you are familiar with Windows, it would be easy to enumerate it. Our main goal is to generate a malicious payload with the help of DKMC (Don’t kill my cat) which is […]

Tutorials

MSFvenom Payload Creator (MSFPC) – Installation and Usage

With the help of MSFPC, you can quickly generate the payload based on msfvenom module which is a part of Metasploit Framework. So MSFvenom Payload Creator is a simple wrapper to generate multiple types of payloads like APK(.apk), ASP(.asp), ASPX(.aspx), BASH(.sh), Java(.jsp), Linux(.elf), OSX(.macho), Perl(.pl), PHP(.php), Powershell(.ps1), Python(.py), Tomcat(.war) and Windows(.exe/.dll). The only necessary input […]

Tech Articles

Meterpreter Commands in Detail 2017 – Metasploit Framework

After a successful exploit a Meterpreter shell allows you to perform many different functions along with a full remote shell. Meterpreter is great for manipulating a system once you get a remote connection, so depending on what your goals are; a Meterpreter shell is usually preferred to a straight remote terminal shell. Meterpreter gives us […]

Tutorials

Steal Windows Product Key Remotely with Metasploit Framework

As discussed previously, we had successfully exploited a windows machine with Metasploit Framework and created an administrator user in targeted machine. Now in this article, we’ll another exploit which steals the Windows Product Key remotely. Read Here: How to Hack Windows Machine with Metasploit Framework For this methods, run the “NETAPI Exploit” (specially for Windows […]

Tech Articles

MSFVENOM – All payload examples – Cheatsheet 2017

Msfvenom is a Metasploit Standalone Payload Generator which is a replacement of msfpayload and msfencode. Through msfvenom, you can generate any kind of shellcode/payload depending upon the platform/OS you want to hack. Often one of the most useful abilities of Metasploit is the msfvenom module. Multiple payloads can be created with this module and it […]