This latest unloose adds stealth features, exposing mutual flaws inward IDS in addition to IPS, in addition to anti-virus threat detection. Team leaders may straight off impose network gain restrictions on projects in addition to bound access to specific squad members.
Adding to its social engineering capabilities, Metasploit tin besides straight off attach malicious files to emails, for event PDF in addition to MP3 files that tin accept command of a user’s machine.
The highlights of Metasploit version 3.5.1 are:
Gain access to Cisco devices. Metasploit straight off automatically exploits authentication bypass flaws if introduce in addition to tin animate beingness forcefulness access through Telnet, Secure Shell, HTTP in addition to SNMP protocols. After successful exploitation, Metasploit downloads configuration files in addition to automatically extracts passwords, VPN keys, in addition to wireless credentials. These credentials tin in addition to then hold out leveraged to gain deeper access to the residuum of the network. This version adds additional network device audit in addition to exploitation features (only available inward Metasploit Express in addition to Metasploit Pro).
Silently regain of active networks. Metasploit imports network traffic logs from the pcap bundle capture files, identifying hosts, services in addition to clear-text passwords. This data is in addition to then used to invention an active gear upwards on against the network. The novel version besides accelerates the regain of host regain in addition to port scans.
Brute forcefulness UNIX “r” services, VNC in addition to SNMP. Adding to its wide animate beingness forcing capabilities, Metasploit straight off audits password safety of rshell, rlogin, rexec, VNC in addition to SNMP services. UNIX "r" services leverage discovered usernames for both the origin in addition to finish users fields specified inward these protocols.
Evade IPS/IDS in addition to anti-virus systems. Metasploit includes enhanced stealth options to avoid triggering IDS in addition to IPS, the alert systems of modern networks. An enhanced anti-virus evasion ensures that exploits are non stopped yesteryear end-point defenses.
Attach malicious PDF in addition to MP3 files to emails. Metasploit makes social engineering attacks to a greater extent than sophisticated yesteryear adding malicious files to emails, for example, PDF in addition to MP3 files.
Run additional exploits. Metasploit adds exploits for SAP BusinessObjects, Exim post service servers, ProFTPD file transfer installations, SCADA deployments (BACnet, Citect, DATAC), Novell NetWare servers, Microsoft Internet Explorer in addition to browser plugins such every bit Adobe Flash in addition to Oracle Java.
Share This :
comment 0 Comments
more_vert