meterpreter

Metasploit Meterpreter and NAT

Published January 4, 2014 |

Professional pentesters typically use a host that is connected directly to the internet, has a public IP address, and is not hindered by any firewalls or NAT devices to perform their audit. Hacking “naked” is considered to be the easiest way to perform a penetration test that involves getting shells back. Not everyone has the […]

Posted in Metasploit, Pentesting | Tagged how-to-hack-nat-metasploit, how-to-use-metasploit-over-internet, httpswww-corelan-beindex-php20140104metasploit-meterpreter-and-nat, kali-metasploit-bind-with-pdf, metasploit, metasploit-behind-nat, metasploit-exploits-xp-sp3, metasploit-over-the-internet-kali, metasploit-targets-my-router, meterpreter, meterpreter-workings, nat, pentesting, port forwarding, reverse connection, reverse nat, reverse_http, reverse_https, reverse_tcp, value-of-lhost-in-metasploit-from-behind-firewall

HITB2012AMS Day 2 – Attacking XML Processing

Published May 25, 2012 |

By Peter Van Eeckhoutte (corelanc0d3r)

Attacking XML Processing Dressed in a classy Corelan Team T-Shirt, Nicolas Grégoire kicks off his presentation by introducing himself. Nicolas has been asked by a customer to audit some XML-DSig applications 18 months ago and found a number of bugs. This triggered him to do more research on this topic. This technology is present in […]

Posted in Cons and Seminars | Tagged adobe, agarri, common-xml-vulnerabilities, dtd, embed, firefox, java, meterpreter, nicolas grégoire, oracle, parser, php, processing, rest, restlet-xml-external-entity-gregoire, winrt-xml-parsing, xml, xslt, xxe, xxe-attack-execution

Metasploit Bounty – the Good, the Bad and the Ugly

Published July 27, 2011 |

By Corelan Team (Lincoln)

On June 14, 2011 HD Moore announced the Metasploit Bounty contest, offering a cash incentive for specific vulnerabilities to be submitted as modules in the Metasploit Framework. Titled “30 exploits, $5000 in 5 weeks”, a post on the Rapid7 blog lists the 30 “bounties” selected by the MSF team, waiting for someone to claim and submit a working exploit module.
Continue reading →

Posted in 001_Security, Exploits | Tagged advapi32.dll, aslr, asm, auriemma, bounty, carchive, cash, challenge, contest, debugger, dep, egg, egghunter, exploit, fix, genbroker, genclient, genesis, hd moore, heap, hmi, iat, iconics, immunity, incentive, integer, luigi, malloc, metasploit, meterpreter, mfc71u.dll, migrate, mona.py, ntsetinformationprocess, opcode, overflow, payload, peb, rop, rop.txt, ropfunc, scada, serialization, spray, stage, unicode, venetian, vtable, w00tw00t, windbg

Exploit writing tutorial part 4 : From Exploit to Metasploit – The basics

Published August 12, 2009 |

By Peter Van Eeckhoutte (corelanc0d3r)

In the first parts of the exploit writing tutorial, I have discussed some common vulnerabilities that can lead to 2 types of exploits : stack based buffer overflows (with direct EIP overwrite), and stack based buffer overflows that take advantage of SEH chains. In my examples, I have used perl to demonstrate how to build […]

Posted in 001_Security, Exploit Writing Tutorials, Exploits | Tagged buffer, check, custom vulnserver, encoder, exe, exe windows, exploit, exploit custom, Exploits, include, initialize, metasploit, meterpreter, module, msf, msf exploit, msf/core, offset, payload, port, print, rb, require, ruby, shellcode, socket, vulnserver, windows, windows system

Corelan Cybersecurity Research

:: Knowledge is not an object, it's a flow ::

Metasploit Meterpreter and NAT

HITB2012AMS Day 2 – Attacking XML Processing

Metasploit Bounty – the Good, the Bad and the Ugly

Exploit writing tutorial part 4 : From Exploit to Metasploit – The basics

Corelan Training

Donate

Corelan Team Merchandise

Corelan on Slack

Actions

Categories

Hi there!

We have good news for you!