Slashdot Mirror


Metasploit Hacking Tool To Get Services-Based Model

ancientribe writes "Metasploit hacking tool creator HD Moore told Dark Reading that the open-source hacking tool soon will come with back-end services-based features aimed at offloading resource-intensive penetration testing tasks. This is a departure for the software-oriented Metasploit, and Moore and company just may be on to something: it turns out commercial penetration testing tool vendors are looking at adding services-based versions of their software. Immunity Inc. will do so this year, and Core Security Technologies is considering doing so as well."

29 comments

  1. Legal minefield by Anonymous Coward · · Score: 4, Interesting

    Do they really expect professional penetration testers to use a third party to attack production networks? Most companies hardly have the guts to even hire a penetration tester. I doubt they'll be thrilled that the list of their vulnerabilities is shared with another company.

    1. Re:Legal minefield by Who+Is+The+Drizzle · · Score: 2, Funny

      Do they really expect professional penetration testers to use a third party to attack production networks?

      That's what she said!

    2. Re:Legal minefield by Anonymous Coward · · Score: 0

      T_T

    3. Re:Legal minefield by Anonymous Coward · · Score: 0

      Make her scared of it.

    4. Re:Legal minefield by Anonymous Coward · · Score: 0

      I hold an OSCP and CISSP. Yes, we use third party tools. Do you think we magically rewrote every exploit/framework out there?

    5. Re:Legal minefield by wastedlife · · Score: 1

      Not third-party tools, the article is about a third-party company conducting the tests. However, I doubt this is intended for professional pen testers. I think this is intended for companies that do not have a security professional on staff to use.

      --
      Said, "It's just like dice but it's got more sides And it tells me who lives and who dies"

    6. Re:Legal minefield by Tekfactory · · Score: 1

      But in this case you'd be sending password hashes to Metasploit, they'd crack them and send them back in the clear.

      I don't think I'd endorse that to a customer.

      Secondly, there are some customers that don't have Internet access to their system, I don't know how useful the password cracking and opcode stuff would be unless you encrypt/export it and send it to them via FTP.

  2. This doesn't seem timed well by arogier · · Score: 1

    Coming off of the Kaspersky breach yesterday, this hitting the news today seems like it should raise some eyebrows. If one well-regarded security firm has trouble controlling customer data, does offloading actual penetration testing of your network to a remote system seem very bright? Especially if the penetration test reveals flaws that leave vulnerable information on the remote machines. I don't think it's a strictly legal minefield so much as, well, a minefield.

  3. useless by enter+to+exit · · Score: 0, Flamebait

    Who else read this as "blah blah blah Open Source New" and then summarised it as "another useless technique that does nothing practical"?

  4. "offloading resource-intensive penetration tests" by timeOday · · Score: 5, Funny

    In my day we just called them botnets.

  5. Slashdot by Anonymous Coward · · Score: 0

    Is this thing on?
    Has slashdot been slashdotted? Pages are loading funny.

  6. Resource intensive? by Bert64 · · Score: 4, Interesting

    Maybe if they hadn't decided to rewrite metasploit in ruby it wouldn't be so resource intensive...
    The speed difference between 2.x and 3.x is absolutely insane. Calling the msfcli interface results in 10+ seconds of initialization before it even starts trying to exploit the target, when you have a script calling msfcli multiple times it soon gets tiring... And this is on a fairly modern dual core box. I used to run metasploit 2.x on a much slower single core box and it performed quite well.

    --
    http://spamdecoy.net - free throwaway anonymous email - avoid spam!

    1. Re:Resource intensive? by mindstrm · · Score: 1

      This really isn't an obstacle to a professional pen-tester - 10 seconds to fire up metasploit is not a problem.

      It's possible that without Ruby, we'd have a much faster, much less feature-rich framework.

    2. Re:Resource intensive? by Anonymous Coward · · Score: 1, Insightful

      A few points:

      1. If you are scripting with msfcli, you are probably doing it wrong and should be writing plugins or resource scripts for msfconsole.

      2. The module count between 2 and 3 has more than doubled.

      3. It's only using one core no matter what, so core counts aren't relevant.

      I agree that 3.x is still pretty damned slow, but I disagree that it's the language's fault. The basic issue is a lack of "real" module caching, something we will try to tackle for 3.3. Thanks for the feedback!

    3. Re:Resource intensive? by Shadow-isoHunt · · Score: 1

      Agreed. I've griped about Ruby with hdm (you can reach him on freenode, btw), but it's not my project. It does allow rapid development of new modules though, and is simple enough that you can patch together an exploit by copying and pasting bits of code from other modules and then throwing your shellcode in. In short, Metasploit's still the best framework we've got... although nmap's scripting engine is sorta sexy too.

      --
      www.isoHunt.com

    4. Re:Resource intensive? by Bert64 · · Score: 1

      You could also rapidly develop new modules in the way you described in Perl...
      Perl provided a good compromise between speed and ease of development; Ruby, however, and assembly at the opposite end of the spectrum, just sacrifice too much.
      Perl is also already installed and well supported on virtually everything...

      Ditching the perfectly working Perl framework and rewriting it in what amounts to a "fashionable" language, while effectively rendering the whole thing useless on small devices (think wireless APs, netbooks, Nokia's tablets, phones etc.), just seems like a bad idea... All that duplicated effort to produce something that's less useful than the previous version.

      What will version 4 be? Completely rewritten in the next fashionable language and requiring a minimum of 8 cores and 8 GB of RAM?

      --
      http://spamdecoy.net - free throwaway anonymous email - avoid spam!

    5. Re:Resource intensive? by jamesmcm · · Score: 0

      Well, if it's that bad, perhaps you can get some developers to fork it from 2.x and work from there. It's Open Source for a reason.

    6. Re:Resource intensive? by jamesmcm · · Score: 0

      I wouldn't call Ruby a "fashionable language"; it's quite solid (even if we do end up looking at it like COBOL in 20 years). To be honest, my main annoyance is that they chose Ruby, not Python :P I can see your point though, if it ain't broke don't try to fix it and all. But it is Open Source, so someone could fork the 2.x release.

  7. Re:"offloading resource-intensive penetration test by jo42 · · Score: 1

    In my day, we just ran nmap on remote Linux boxes.

  8. Production by jgtg32a · · Score: 1

    Who the hell would run a simulated attack on a production network? Run it against the test environment, which should mirror production.

    1. Re:Production by Tekfactory · · Score: 2, Insightful

      It's about belief; some folks won't trust the model to simulate the production environment. Even if you make the VM or Ghost image right off of the real hardware, and put it onto another machine of the same model with the same specs, someone in the chain of command or legal will want to know if you tested the real thing.

      And if it goes far enough, say after a data breach, leave it to a lawyer in court to ask you on the stand if you tested the live system or some rigged demo designed to fool the auditors.

  9. Re:Your goatse link is outdated. by Anonymous Coward · · Score: 0

    There is an updated goatse image? Why? No really, why? Many people are still trying to remove the first goatse image from their brains. Now there is another one!

  10. Re:"offloading resource-intensive penetration test by BunnyClaws · · Score: 1

    I still do that. I need to get with the times.

    --
    "Anything tastes good if you deep fry it."