2_malware_msf_payloads.xml
<?xml version="1.0"?>
<!-- SecGen scenario definition (the xmlns names SecGen's scenario vocabulary): a two-VM lab made of a
     Windows 7 victim and a Kali attacker/analysis box joined by one private network. Element order and
     the numeric datastore indices used below are significant, so edit with care. -->
<scenario xmlns="http://www.github/cliffe/SecGen/scenario"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.github/cliffe/SecGen/scenario">
<!-- NOTE(review): xsi:schemaLocation gives only the namespace URI with no schema document URL, so a
     validator has no location to fetch from it; the namespace is being used purely as an identifier
     (confirm this matches the SecGen scenario convention before changing it). -->
<name>Malware and an Introduction to Metasploit and Payloads</name>
<author>Z. Cliffe Schreuders</author>
<description>
# Introduction
In this hands-on lab you will dive into the intriguing world of malware and ethical hacking, exploring how attackers create and deploy malicious software to compromise computer systems. The lab introduces you to various types of malware, such as Trojan horses, viruses, and worms, shedding light on their distinct characteristics and functionalities. You will also get acquainted with the powerful Metasploit framework, a widely-used tool in the realm of ethical hacking, and learn how to generate malicious payloads using it.
Throughout this engaging learning experience, you will undertake practical tasks, such as creating a Trojan horse that adds a new user to a Windows system, evading anti-malware detection by encoding and utilizing executable templates, and experimenting with various payloads. These hands-on exercises will equip you with essential skills in understanding, generating, and testing malware, all within a controlled and ethical learning environment. Whether you're a budding ethical hacker or simply curious about the world of cybersecurity, this lab will provide valuable insights and practical knowledge in the field of malware and penetration testing. So, gear up to explore the darker side of computing and learn how to protect against it. You'll explore, experiment, and emerge with practical expertise in a controlled environment.
# Lecture
[Slides here](http://z.cliffe.schreuders.org/presentations/slides/DSL_DS_OSPT_Lectures_2_Malware.html)
# Reading
[Chapter 23 "Protecting Against Programmed Threats": Garfinkel, S. and Spafford, G. and Schwartz, A. (2003), Practical Unix and Internet Security, O'Reilly. (ISBN-10: 0596003234) Available online via the library](http://www.dawsonera.com.ezproxy.leedsbeckett.ac.uk/depp/reader/protected/external/AbstractView/S9781449310325)
Suggested:
Chapter 3 "Program Security": Pfleeger, C.P. and Pfleeger, S.L. (2007), Security in Computing, Prentice Hall. (ISBN-10: 0132390779)
Chapter 19 "Malicious Logic": Bishop, M. (2005), Introduction to Computer Security, Addison-Wesley. (ISBN-10: 0321247442)
</description>
<lab_sheet_url>https://docs.google.com/document/d/1QsOLdqwBP6njIoKbeQRdattbLBLPFCB-eKHW0OxdE8U/edit?usp=sharing</lab_sheet_url>
<type>lab-sheet</type>
<difficulty>easy</difficulty>
<!-- CyBOK (Cyber Security Body of Knowledge) knowledge-area (KA) and topic tags used to index this lab -->
<CyBOK KA="MAT" topic="Malware Taxonomy">
<keyword>dimensions</keyword>
<keyword>kinds</keyword>
</CyBOK>
<CyBOK KA="MAT" topic="Malware Analysis">
<keyword>anti-analysis and evasion techniques</keyword>
</CyBOK>
<CyBOK KA="MAT" topic="Attacks and exploitation">
<keyword>EXPLOITATION FRAMEWORKS</keyword>
</CyBOK>
<CyBOK KA="SOIM" topic="PENETRATION TESTING">
<keyword>PENETRATION TESTING - SOFTWARE TOOLS</keyword>
<keyword>PENETRATION TESTING - ACTIVE PENETRATION</keyword>
</CyBOK>
<!-- Victim VM: a Windows 7 desktop. Its super-user credential further down is a fixed value published in
     this file, so this system is only suitable for the isolated private_network defined in this block. -->
<system>
<system_name>windows_victim</system_name>
<base platform="windows" distro="7"/>
<!-- Shared address list for both VMs; the network blocks below pick an entry by position
     via datastore access="0" / access="1", so the order of these values must not change. -->
<input into_datastore="IP_addresses">
<!-- 0 windows desktop -->
<value>172.16.0.2</value>
<!-- 1 kali -->
<value>172.16.0.3</value>
</input>
<!-- One super-user account with a randomly chosen username (from the mythical_creatures wordlist),
     a fixed password, and a file my_secret.txt seeded with a random line from the "secrets" list;
     presumably the account the lab sheet refers to. The resulting account is also kept in the
     "accounts" datastore. -->
<utility module_path=".*/parameterised_accounts" platform="windows">
<input into="accounts" into_datastore="accounts">
<generator type="account">
<input into="username">
<generator type="random_sanitised_word">
<input into="wordlist">
<value>mythical_creatures</value>
</input>
</generator>
</input>
<!-- Fixed, known credential (not generated): acceptable only because the VM lives on an isolated lab network -->
<input into="password">
<value>tiaspbiqe2r</value>
</input>
<input into="super_user">
<value>true</value>
</input>
<input into="strings_to_leak">
<generator type="random_line_generator">
<input into="linelist">
<value>secrets</value>
</input>
</generator>
</input>
<input into="leaked_filenames">
<value>my_secret.txt</value>
</input>
</generator>
</input>
</utility>
<!-- Attaches this VM to the private network using entry 0 (172.16.0.2) of IP_addresses -->
<network type="private_network">
<input into="IP_address">
<datastore access="0">IP_addresses</datastore>
</input>
</network>
<!-- Generated fresh per build. Both systems read this same value back as their cleanup
     root_password (see the kali system's build block), so the two VMs share one admin password. -->
<input into_datastore="spoiler_admin_pass">
<generator type="strong_password_generator"/>
</input>
<!-- Post-provisioning cleanup step; receives the generated datastore value as root_password -->
<build type="cleanup">
<input into="root_password">
<datastore>spoiler_admin_pass</datastore>
</input>
</build>
</system>
<!-- Attacker/analysis VM: Kali with the Metasploit framework, handy CLI tools, nmap, an Apache HTTP
     service, and ClamAV. ClamAV is presumably the local anti-malware scanner the generated payloads
     are checked against (the description mentions anti-malware detection); confirm against the lab sheet. -->
<system>
<system_name>kali</system_name>
<base distro="Kali" name="MSF"/>
<!-- Default kali/kali super-user account, given here as an inline JSON literal rather than via the
     account generator used for the windows system. The password is fixed and widely known, so this
     box too is only meant for the isolated lab network. -->
<utility module_path=".*/parameterised_accounts">
<input into="accounts">
<value>{"username":"kali","password":"kali","super_user":"true","strings_to_leak":[],"leaked_filenames":[]}</value>
</input>
</utility>
<utility module_path=".*/metasploit_framework"/>
<utility module_path=".*/handy_cli_tools"/>
<service module_path=".*/apache"/>
<utility module_path=".*/nmap"/>
<utility module_path=".*/clamav"/>
<!-- Attaches this VM to the same private network using entry 1 (172.16.0.3) of IP_addresses -->
<network type="private_network" >
<input into="IP_address">
<datastore access="1">IP_addresses</datastore>
</input>
</network>
<!-- Same cleanup step as the windows system, reusing the shared spoiler_admin_pass value -->
<build type="cleanup">
<input into="root_password">
<datastore>spoiler_admin_pass</datastore>
</input>
</build>
</system>
</scenario>