-
May 24th, 2010, 12:38 AM
#1
Junior Member
Metasploit Remotely?
Obviously Metasploit is a powerful tool. However, all Metasploit tutorials that I've seen are based on using Metasploit from within a subnet. I know that nowadays mostly everyone has some sort of router at home, be it wireless or wired, or piggybacked into the modem. From an IPSec standpoint, is it possible to exploit something into a network from outside of the network? I don't have too many nice neighbors or I'd set up a box in their house and try it. Obviously there are going to be some port issues, and logically the router would choose the first candidate. What if I was trying to access a certain computer on that network? I'm just not sure of how I could specify that ex. 192.168.1.105 is the target (from outside of the network), without first being 'a part' of that pertaining network. So if I were trying to prove to a boss that he needed some sort of hardware firewall, how would I show him on the computer that he's sitting at? Sorry to be so broad. Maybe I need to touch up on my theory of WANs.
-
May 24th, 2010, 05:01 AM
#2
Haha, I remember when questions like this were commonplace...maybe AO is coming back!
-
May 24th, 2010, 06:09 AM
#3
I don't think you'll be able to exploit a machine behind a router, unless the router is forwarding traffic for a certain port to that machine... you would first have to have the network machine initiate some sort of communication to an outside machine - then they could communicate back and forth, and an exploit could take place... but, AFAIK, it is impossible for an outside machine to access any machine on the network, unless ports are being forwarded via the router - and then only that machine could be accessed from the outside on those ports...
Of course, there are tools out there to crack router admin passwords - then you could see every machine on the network, and set up port-forwarding to try whatever exploits you want...
I've heard of metasploit, but I haven't fooled around with it... maybe I'll toy with it on my home network - if you're looking to exploit random machines, there are plenty of people out there hooked straight into the modem...
Last edited by wiskic10_4; May 24th, 2010 at 06:12 AM.
-
May 24th, 2010, 08:29 AM
#4
From what the OP wrote, I suggest the OP concentrate on networking fundamentals and put off diving into metasploit just yet.
"WAN Theory"...Really????
-
May 24th, 2010, 03:38 PM
#5
For this scenario, you would be better off generating a malicious PDF and having it do a reverse tcp back to you. Wiskic10_4 is right, it would be hard to get to a machine inside of a network if it is behind a router, as the router acts as kind of a firewall, only allowing inbound traffic to specified ports on internal machines. It is greatly simplified if you can become a part of that network, whether through wireless, or plugging into an active ethernet jack.
Originally Posted by wiskic10_4
Of course, there are tools out there to crack router admin passwords - then you could see every machine on the network, and set up port-forwarding to try whatever exploits you want...
Most home routers [linksys, belkin, netgear etc] that I have seen have a default setting that only allows you to access the web interface internally, so your mileage with this one may vary. But if you are able to access the config page, you can search for 'default router passwords', and have a decent chance of getting in.
Here is an admittedly basic demo of Metasploit that I made: http://vimeo.com/10218067
Last edited by westin; May 24th, 2010 at 04:18 PM.
"Those of us that had been up all night were in no mood for coffee and donuts, we wanted strong drink."
-HST
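The router behaviour described in posts #3 and #5, as an added example that is not part of the original thread: a toy Python model of a home NAT router deciding what to do with a packet arriving from outside. The class and function names, the documentation-range addresses and the strict per-peer filtering are assumptions made for illustration; 192.168.1.105 is the host named in the first post.

```python
from dataclasses import dataclass, field

@dataclass
class NatRouter:
    """Toy home router: static port forwards plus a connection-tracking table."""
    wan_ip: str
    forwards: dict = field(default_factory=dict)   # wan_port -> (lan_ip, lan_port)
    conntrack: dict = field(default_factory=dict)  # (wan_port, peer_ip, peer_port) -> (lan_ip, lan_port)
    next_port: int = 40000

    def outbound(self, lan_ip, lan_port, peer_ip, peer_port):
        """A LAN host connects out; the router records who may answer."""
        wan_port, self.next_port = self.next_port, self.next_port + 1
        self.conntrack[(wan_port, peer_ip, peer_port)] = (lan_ip, lan_port)
        return wan_port

    def inbound(self, peer_ip, peer_port, wan_port):
        """Verdict and LAN destination for a packet arriving on the WAN side."""
        key = (wan_port, peer_ip, peer_port)
        if key in self.conntrack:
            return "ESTABLISHED", self.conntrack[key]
        if wan_port in self.forwards:
            return "FORWARDED", self.forwards[wan_port]
        return "DROPPED", None   # no rule maps this packet to any LAN host

def exposure_report(router):
    """The two things to review: static forwards and live outbound sessions."""
    sessions = sorted((lan[0], peer_ip, peer_port)
                      for (_, peer_ip, peer_port), lan in router.conntrack.items())
    return {"forwarded_ports": sorted(router.forwards), "outbound_sessions": sessions}

def demo():
    r = NatRouter(wan_ip="203.0.113.10")          # constructed addresses
    verdicts = []
    # 1. Unsolicited packet: nothing maps it to 192.168.1.105, so it is dropped.
    verdicts.append(r.inbound("198.51.100.7", 50000, 445))
    # 2. A forward for WAN port 8080 exposes exactly one host and port.
    r.forwards[8080] = ("192.168.1.105", 80)
    verdicts.append(r.inbound("198.51.100.7", 50000, 8080))
    # 3. The LAN host connects out; replies from that same peer are let in.
    wan_port = r.outbound("192.168.1.105", 51515, "198.51.100.7", 443)
    verdicts.append(r.inbound("198.51.100.7", 443, wan_port))
    # 4. Any other outside address hitting that WAN port is still dropped.
    verdicts.append(r.inbound("198.51.100.99", 443, wan_port))
    return verdicts, exposure_report(r)

if __name__ == "__main__":
    for item in demo()[0]:
        print(item)
    print(demo()[1])
```

The report's two lists are what to audit on a real network: every port forward is standing exposure, and outbound sessions are why egress filtering and endpoint hardening matter even when no ports are forwarded.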
-
May 25th, 2010, 12:58 AM
#6
Just wanted to mention that this is not a hacking site.
-
May 25th, 2010, 01:46 AM
#7
Junior Member
Thanks for the help wiskic10_4 and westin (thanks for the vid). I guess I have some good exploring to do. I set up a network here at the house (behind your typical dd-wrt-flashed linksys), and I'm working on exploiting it from my network at work. I'll keep you guys posted on what happens, what I have access to, etc. As for ss2chef, way to be an a$$. I posted this under the "newbie" questions purposely, so maybe you should keep your smart comments to the "senior" section before you un-inspire newbies to post on this site.
-
May 25th, 2010, 04:19 AM
#8
Originally Posted by CyberB0b
Just wanted to mention that this is not a hacking site.
No, but it is a security site. I routinely exploit systems, pivot through networks, throw garbage at webapps, and run sniffers/arp poisoners... so that I can learn about security.
The important part is that you either own the systems, or have permission to test their security.
I didn't see anything in the original post talking about 1337 h@x0ring someone's network. I am a big fan of learning by doing. Knowing what threats are out there so that you can better defend against them. Sure some of the knowledge can be used for malicious purposes, but you can find that information anywhere. I don't want to see every post on AO answered with 'run malware bytes, run combofix,' etc.
Try to exploit your network. If you succeed, improve security and try again. If you fail, try again.
Just my $0.02...
"Those of us that had been up all night were in no mood for coffee and donuts, we wanted strong drink."
-HST
-
May 25th, 2010, 12:20 PM
#9
The security aspect is publicly displayed. There's a hidden area for all the l337 H@x0r discussions.
The monthly wargames that Quinn St, the new owners, have set up are sweeet!
-
May 25th, 2010, 04:20 PM
#10
You should be able to use a reverse payload, set LHOST to the IP of your router (external) and forward LPORT to your host. Or just use a bind payload if the target is not firewalled.
I think...
You could always use Meterpreter for key logging purposes; however, I don't think that is what you are looking for.
09:F9:11:02:9D:74:E3:5B 8:41:56:C5:63:56:88:C0