Fun With Malware (Linux) [session 10]

Prerequisites: Should be comfortable with Linux (basic shell commands), Fundamentals of C (pointers, file I/O) and C++ (classes, inheritance, stream-based I/O).

Topics to be covered:

1. Exploiting vulnerabilties

1.1 Exploitation basics

1.2 Quick tour of Metasploit Framework

1.3 Finding exploit for target

1.4 Launching exploit using Metasploit

2. Porting Exploits

2.1 A deeper dive in MSF exploit

2.2 Studying the exploit code

2.3 Traffic dump and analysis using wireshark

2.4 Re-creating the exploit

2.5 Testing the exploit

3. Automated exploitation

3.1 Shells and reverse shells

3.2 Writing a reverse shell handler

3.3 Combining the pieces

4. Lateral movement

4.1 Why is it needeed?

4.2 Attempting lateral movement with MSF

4.3 Lateral movement using automated exploitation

4.4 Dropping the rat

4.5 Spawing connection from attacker machine

5. Pivoting

5.1 Pivoting basics

5.2 Writing a basic TCP proxy

5.3 Reverse and forward connection proxies

5.4 Chaining the proxies

5.5 Routing traffic through victim machine

5.6 Limitations



FeedBack : Share your FeedBack

YouTube : Watch Now

GitHub : Code Download