Penetration Testing mailing list archives

Re: Core Impact

From: nick johnson <ch0pstik () gmail com>
Date: Fri, 24 Jun 2005 15:18:25 -0500

The metaterpreter has more power than people give it credit for.

You could also use it to up a local version of the framework and
compile it, and then use it to access the local framework.

On 6/24/05, Chris Byrd <cbyrd01 () gmail com> wrote:

It is possible to do rudamentary pivoting using Metasploit, however it
lacks the easy point and click interface of Impact.  Check out the
portfwd command in the Meterpreter network module for redirecting
ports.
http://www.metasploit.com/projects/Framework/docs/meterpreter.pdf

By the way, according to
http://cansecwest.com/core05/core05_metasploit.pdf more robust
pivoting is planned for Metasploit 3.0.

- Chris

On 6/23/05, Daniel Miessler <daniel () dmiessler com> wrote:


On Jun 21, 2005, at 12:27 PM, securityfocus () benmansour net wrote:

You might also want to look at the following open source project :

Metasploit
http://www.metasploit.com/
"The Metasploit Framework is an advanced open-source platform for
developing, testing, and using exploit code."

Except for the GUI, it offers comparable functionality and a broad
choice of exploits.


Actually, while I think Metasploit is an impressive framework and use
it often, it lacks a main feature that IMPACT has. Namely, IMPACT is
able to do something they call "pivoting". This allows a tester to
select an exploit in the GUI, launch it, and then upload the IMPACT
agent to the newly compromised system.

 From there, you now have the same GUI from which you can re-scan and
exploit from that vantage point; rinse and repeat. In my view, this
is what sets this tool apart from the others.

Of course, this isn't a replacement for a truly skilled pentester in
complex situations, but when the network is full of three year old
vulnerabilities and you're trying to make a point to a client's
management, it's quite effective.

--
Daniel R. Miessler
M: daniel () dmiessler com
W: http://dmiessler.com
G: 0x316BC712

Current thread:

Core Impact Security Professional (Jun 21)
- Re: Core Impact Chris Raymond (Jun 21)
- RE: Core Impact boxerb (Jun 21)
- Re: Core Impact David Eduardo Acosta Rodríguez (Jun 21)
  - Re: Core Impact paul dansing (Jun 22)
- <Possible follow-ups>
- Re: Core Impact securityfocus (Jun 21)
  - Re: Core Impact Daniel Miessler (Jun 24)
    - Re: Core Impact Daniele Milan (Jun 24)
    - Re: Core Impact Chris Byrd (Jun 24)
    - Re: Core Impact nick johnson (Jun 24)
- RE: Core Impact Andre Protas (Jun 21)
- Re: Core Impact Christoph Puppe (Jun 22)
- Core Impact Security Professional (Jun 23)