[ شرح مفصل ] ما هو الميتاسبلويت ؟

[Ethical Hacker]

[ شرح مفصل ] ما هو الميتاسبلويت ؟

السلام عليكم ورحمة الله وبركاته


اليوم سوف اقوم بشرح تفصيلي مبسط للميتاسبلويت


نبدأ على بركة الله تعالى ، !


ما هو الميتاسبلويت ؟

وهو حيز او مكان استغلال ، كتب بلغة الروبي ويستخدم لاختبار نقاط الضعف لدى النظام

المراد فحصه ،وذلك لتجنب استغلال نقاط الضعف الموجوده فيه !

ويوجد فيها العديد من الادوات المفيدة مثل " nmap " ، وقد وضعت لاختبار الاختراق !

ولكن الميتاسبلويت ، اصبحت الان الاداة المهمه في الاختراق والتدمير لدى الهكرز !




الان سوف اقوم بعرض صورة للهندسه المعماريه للميتاسبلويت وسوف اقوم بشرحها على حدا !


الصوره :





الصوره يصعب علي شرحها بالعربي ، ولكن انصحكم لوجه الله تعالى !

بفهمها باللغة الانجليزية افضل !

Filesystem and Libraries #

The MSF filesystem is laid out in an intuitive manner and is organized by directory.

· lib: the 'meat' of the framework code base
· data: editable files used by Me tasploit
· tools: various useful command-line utilities
· modules: the actual MSF modules
· plugins: plugins that can be loaded at run-time
· scripts: Meterpreter and other scripts
· external: source code and third-party libraries


Libraries

Rex:

· The basic library for most tasks *
· Handles sockets, protocols, text transformations, and others *
· SSL, SMB, HTTP, XOR, Base64, Unicode *

Msf::Core:

· Provides the 'basic' API *
· Defines the Me tasploit Framework *

Msf::Base:

· Provides the 'friendly' API *
· Provides simplified APIs for use in the Framework *


Modules and Locations #

Me tasploit, as presented to the user, is composed of modules.


Exploits:

· Defined as modules that use payloads*
· *An exploit without a payload is an Auxiliary module


Payloads, Encoders, Nops:

· Payloads consist of code that runs remotely*
· Encoders ensure that payloads make it to their destination*
· Nops keep the payload sizes consistent.*


Modules Locations

Primary Module Tree:

· Located under $install/modules//

User-Specified Module Tree:

· Located under ~/.msf3/modules//
· This location is ideal for private module sets

Loading Additional Trees at Runtime:

· Pass the -m option when running msfconsole (./msfconsole -m)*
· Use the loadpath command within msfconsole*

Me tasploit Object Model:

In the Me tasploit Framework, all modules are Ruby classes.
· *Modules inherit from the type-specific class
· The type-specific class inherits from the Msf::Module class*
· *There is a shared common API between modules

Payloads are slightly different.

· Payloads are created at runtime from various components*
· *Glue together stagers with stages

Mixins and Plugins

A quick diversion into Ruby.

· Every Class only has one parent
· A class may include many Modules*
· Modules can add new methods*
· Modules can overload old methods*
* Me tasploit modules inherit Msf::Module and include mixins to add features.


Me tasploit Mixins

Mixins are quite simply, the reason why Ruby rocks.*
· Mixins 'include' one class into another*
· This is both different and similar to inheritance
· Mixins can override a class' methods*

*Mixins can add new features and allows modules to have different 'flavors'.

· Protocol-specific (ie: HTTP, SMB)
· Behavior-specific (ie: brute force)
· connect() is implemented by the TCP mixin
· connect() is then overloaded by FTP, SMB, and others.

Mixins can change behavior.

· The Scanner mixin overloads run()
· Scanner changes run() for run_host() and run_range()
· It calls these in parallel based on the THREADS setting

· The BruteForce mixin is similar

class MyParent
def woof
puts “woof!”
end
end
class MyClass < MyParent
end
object = MyClass.new
object.woof() => “woof!”
================================================== ==============
module MyMixin
def woof
puts “hijacked the woof method!”
end
end
class MyBetterClass < MyClass
include MyMixin
end


Me tasploit Plugins

Plugins work directly with the API.
· They manipulate the framework as a whole*
· Plugins hook into the event subsystem*
· They automate specific tasks which would be tedious to do manually*

Plugins only work in the msfconsole.
· Plugins can add new console commands*
· They extend the overall Framework functionality*

اعلم [COLOR=DarkSlateGray]بأن الشرح لن ينال اعجاب الجميع ، ولكن سوف ينال اعجاب من اراد التطور

وفهم مبادئ الاختراق ومبدأ عمل الميتاسبلويت

الى هنا انهي شرحي ، وانتظروني في الجزء الثاني والمبسط جداً


والسلام عليكم ورحمة الله وبركاته

ETHICAL HACKER

Penetartion Testing

:27:

المصدر: development-point - للمزيد تابع : قسم توزيعات أختبار الأخترآق المتقدم

---

F avp ltwg D lh i, hgldjhsfg,dj ?

[سبع الليل]

مشكور لكن انت هل اجبت السؤال
ما هو الميتاسبلويت ؟
والله لم أفهم ولا كلمة

[سبع الليل]

مع أني مو جاية أتسلى أنا بعجبك بإختراق الواي فاي