|
| 22 Sep 2012 09:40 PM |
...to have a program on a jump drive which uses the metasploit framework to gain access to the host and then use it as a pivot point to attack other computers on its network?
Just came to thought yesterday.
I obviously don't plan to use it but it would be interesting to know.
As for those who don't know what metasploit is:
"The Metasploit Project is a computer security project which provides information about security vulnerabilities and aids in penetration testing and IDS signature development.
Its most well-known sub-project is the open-source Metasploit Framework, a tool for developing and executing exploit code against a remote target machine. Other important sub-projects include the Opcode Database, shellcode archive, and security research." |
|
|
| Report Abuse |
|
|
|
| 22 Sep 2012 09:41 PM |
I just realized I double posted...
wtf roblox
since when does a 503 error double as a 200 okay |
|
|
| Report Abuse |
|
|
|
| 22 Sep 2012 09:43 PM |
No, not really. You can get in big trouble for using that, plus, a download/injection would be a better means, rather than physical access. |
|
|
| Report Abuse |
|
|
|
| 22 Sep 2012 09:46 PM |
Metasploit is a double edged sword. I was thinking of making something that pen testers could use to easily verify a network is secure with little user interaction involved. Think about it, users could simply put it in and be alerted which computers are vulnerable.
"plus, a download/injection would be a better means, rather than physical access." If they are pen testing the machine, it is unlikely they won't have physical access to it. |
|
|
| Report Abuse |
|
|
|
| 22 Sep 2012 09:48 PM |
Yeah, but, hackers won't walk into the room with the machine, will they? I can see why you'd do it, but it isn't practical |
|
|
| Report Abuse |
|
|
stravant
|
  |
 |
| Joined: 22 Oct 2007 |
| Total Posts: 2893 |
|
|
| 22 Sep 2012 10:37 PM |
| Yes, a lot of modern attacks on networks are made by "seeding" an area with "lost" flash drives that people on the target network can find, and leaving "confidential" files on those drives that contain an evil payload. |
|
|
| Report Abuse |
|
|
|
| 22 Sep 2012 11:12 PM |
Not sure why I got banned, but wasn't CD'd? Must've been a mistake.
Oh well, I can wait a day. |
|
|
| Report Abuse |
|
|