Client Side Attacks

Client side attacks are always a fun topic and a major front for attackers today. As network administrators and software developers fortify the perimeter, pentesters need to find a way to make the victims open the door for them to get into the network. Client side attacks require user-interaction such as enticing them to click a link, open a document, or somehow get to your malicious website.

There are many different ways of using Metasploit to perform client-side attacks and we will demonstrate a few of them here.

Binary Payloads

Final Exploit

Metasploit Architecture

Msfconsole

Exploits

Payloads

Databases

Meterpreter

Password Sniffing

Working with NeXpose

Working with Nessus

Exploit Payloads

Writing an Exploit

Using the Egghunter Mixin

Binary Payloads

Interacting with the Registry

Pivoting

Meterpreter Backdoor

Persistent Backdoors

Karmetasploit

Payloads Through MSSQL

MSF Community Edition

Armitage

Windows

Linux

OS X

Multiple OS

Client Side Attacks