Sunday, August 25, 2013

Frequently used Metasploit Modules

Top ten Windows-based browser exploits:

modules/exploits/windows/browser/ms03_020_ie_objecttype.rb   
modules/exploits/windows/browser/ie_createobject.rb          
modules/exploits/windows/browser/ms06_001_wmf_setabortproc.rb
modules/exploits/windows/browser/ms06_067_keyframe.rb        
modules/exploits/windows/browser/adobe_flash_mp4_cprt.rb  
modules/exploits/windows/browser/aim_goaway.rb               
modules/exploits/windows/browser/winamp_playlist_unc.rb      
modules/exploits/windows/browser/winzip_fileview.rb          
modules/exploits/windows/browser/mcafee_mcsubmgr_vsprintf.rb 
modules/exploits/windows/browser/macrovision_unsafe.rb       


Top ten auxiliary modules

These are modules that don't open a session, but are nonetheless useful for information gathering, server spoofing, password cracking, and pretty much any activity that isn't memory corruption or command injection.

modules/auxiliary/server/browser_autopwn.rb        
modules/auxiliary/scanner/smb/smb_login.rb          
modules/auxiliary/scanner/ssh/ssh_login.rb            
modules/auxiliary/scanner/http/tomcat_mgr_login.rb
modules/auxiliary/server/capture/smb.rb                  
modules/auxiliary/server/capture/http.rb                  
modules/auxiliary/scanner/telnet/telnet_login.rb        
modules/auxiliary/scanner/http/http_login.rb
modules/auxiliary/scanner/mssql/mssql_login.rb            
modules/auxiliary/spoof/dns/bailiwicked_host.rb              

Top ten post modules

Post modules are what a pentester will run once a machine is compromised. These are tasks like looting stored credentials, escalating local privilege, and launching a keystroke logger. Now that we can tell which modules are getting attention, we can say confidently that what people are most interested in is extending access through the domain and to other machines through stolen credentials.

modules/post/windows/gather/credentials/gpp.rb              
modules/post/windows/gather/enum_chrome.rb                  
modules/post/multi/gather/firefox_creds.rb                  
modules/post/multi/gather/pidgin_cred.rb                    
modules/post/windows/escalate/service_permissions.rb    
modules/post/osx/gather/enum_osx.rb                         
modules/post/windows/gather/credentials/filezilla_server.rb 
modules/post/multi/gather/ssh_creds.rb                      
modules/post/windows/gather/smart_hashdump.rb       
modules/post/windows/gather/cachedump.rb

Top ten exploit payloads

modules/payloads/stages/windows/shell.rb                 
modules/payloads/stages/windows/meterpreter.rb           
modules/payloads/stagers/windows/reverse_tcp.rb             
modules/payloads/stages/windows/vncinject.rb                
modules/payloads/singles/php/reverse_php.rb                 
modules/payloads/stages/windows/upexec.rb                   
modules/payloads/stagers/windows/bind_tcp.rb                
modules/payloads/stages/windows/dllinject.rb                
modules/payloads/singles/linux/x86/shell_reverse_tcp.rb     
modules/payloads/singles/windows/adduser.rb                 

Top ten Rex protocols

lib/rex/proto/http/client.rb                                
lib/rex/proto/smb/client.rb                                 
lib/rex/proto/http/packet.rb                                
lib/rex/proto/http/server.rb                                
lib/rex/proto/dcerpc/client.rb                           
lib/rex/proto/smb/constants.rb                           
lib/rex/proto/smb/simpleclient.rb                        
lib/rex/proto/smb/utils.rb                                  
lib/rex/proto/http/request.rb                            
lib/rex/proto/dhcp/server.rb