Description: This is Part 10 of the Security Metasploit Framework Expert (SMFE) course material. You can begin by watching Part 1 here: http://www.securitytube.net/video/2556 . Enjoy! Certifications page: http://www.securitytube.net/cert-list
In this video, we will look at the Espia and Sniffer extensions and how to use them to grab remote screenshots and to run a sniffer on one or multiple interfaces on the victim computer. The Sniffer extension allows for the export of the captured packets in a pcap file, which can be transported back to the attacker's machine. This extension can come in really handy to understand the local network in the victim's environment, not to mention the possibility of being able to sniff any credentials which may be sent out or received by the victim in plain text.
Please leave your comments behind! :)
Tags: smfe , metasploit , certification , espia , sniffer ,
Hope I do not become annoying :)
Nice men, but may I ask, from were do you learn all this stuff, what is your way of learning :)
Do you know any good tricks for analyzing pcap dump files for interesting stuff. I tried to use xplico but seems there are a lot of bugs in it and often it doesn't work very well. Then there is wire shark filters but they are often time consuming to look for http post request fx. Also would lke to say very good videos I like the length that they are pretty short makes it easier to concentrate. Looking forward for the pivoting Part I think many people run into problems regarding the route forwarding/pivoting. Especially could be great if you would make detailed session on piping other scanners through a msf session, I find it ok easy to use msf through the session but a lot trickier to fx do a Nessus scan through a session. Thanks again for all the good work keep it up :-)
@ringneckparrot :) not at all my friend. Waiting for your WPS hack video eagerly :) I learn everything by experimenting and reading online.
@Thanks! I might create a network analysis megaprimer soon :) Your question is broad and I personally do it using a combination of both open source tools and my own custom scripts, dissectors and filters.
Next video is available ! Enjoy: http://www.securitytube.net/video/2684
@Vivek-Ramachandran which is the WPS hack video? mabye I lost something !!!!
Good video! :)