Re: Core Impact

From: nick johnson (ch0pstik@gmail.com)
Date: Fri Jun 24 2005 - 16:18:25 EDT

• Next message: glemmon@onealwebster.com: "RE: CEH training"
• Previous message: NativePenSec: "Re: CEH training"
• In reply to: Chris Byrd: "Re: Core Impact"
• Next in thread: Andre Protas: "RE: Core Impact"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

The metaterpreter has more power than people give it credit for.

You could also use it to up a local version of the framework and
compile it, and then use it to access the local framework.

On 6/24/05, Chris Byrd <cbyrd01@gmail.com> wrote:
> It is possible to do rudamentary pivoting using Metasploit, however it
> lacks the easy point and click interface of Impact. Check out the
> portfwd command in the Meterpreter network module for redirecting
> ports.
> http://www.metasploit.com/projects/Framework/docs/meterpreter.pdf
>
> By the way, according to
> http://cansecwest.com/core05/core05_metasploit.pdf more robust
> pivoting is planned for Metasploit 3.0.
>
> - Chris
>
> On 6/23/05, Daniel Miessler <daniel@dmiessler.com> wrote:
> >
> > On Jun 21, 2005, at 12:27 PM, securityfocus@benmansour.net wrote:
> >
> > > You might also want to look at the following open source project :
> > >
> > > Metasploit
> > > http://www.metasploit.com/
> > > "The Metasploit Framework is an advanced open-source platform for
> > > developing, testing, and using exploit code."
> > >
> > > Except for the GUI, it offers comparable functionality and a broad
> > > choice of exploits.
> >
> > Actually, while I think Metasploit is an impressive framework and use
> > it often, it lacks a main feature that IMPACT has. Namely, IMPACT is
> > able to do something they call "pivoting". This allows a tester to
> > select an exploit in the GUI, launch it, and then upload the IMPACT
> > agent to the newly compromised system.
> >
> > From there, you now have the same GUI from which you can re-scan and
> > exploit from that vantage point; rinse and repeat. In my view, this
> > is what sets this tool apart from the others.
> >
> > Of course, this isn't a replacement for a truly skilled pentester in
> > complex situations, but when the network is full of three year old
> > vulnerabilities and you're trying to make a point to a client's
> > management, it's quite effective.
> >
> > --
> > Daniel R. Miessler
> > M: daniel@dmiessler.com
> > W: http://dmiessler.com
> > G: 0x316BC712
> >
> >
> >
> >
> >
> >
> >
>

• Next message: glemmon@onealwebster.com: "RE: CEH training"
• Previous message: NativePenSec: "Re: CEH training"
• In reply to: Chris Byrd: "Re: Core Impact"
• Next in thread: Andre Protas: "RE: Core Impact"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:29 EDT