[ , شرح , ] , [ , شرح , مفصل , ] , ما , هو , الميتاسبلويت , ؟
السلام عليكم ورحمة الله وبركاته
اليوم سوف اقوم بشرح تفصيلي مبسط للميتاسبلويت
نبدأ على بركة الله تعالى ، !
ما هو الميتاسبلويت ؟
وهو حيز او مكان استغلال ، كتب بلغة الروبي ويستخدم لاختبار نقاط الضعف لدى النظام
المراد فحصه ،وذلك لتجنب استغلال نقاط الضعف الموجوده فيه !
ويوجد فيها العديد من الادوات المفيدة مثل " nmap " ، وقد وضعت لاختبار الاختراق !
ولكن الميتاسبلويت ، اصبحت الان الاداة المهمه في الاختراق والتدمير لدى الهكرز !
الان سوف اقوم بعرض صورة للهندسه المعماريه للميتاسبلويت وسوف اقوم بشرحها على حدا !
الصوره :
![[ شرح ] [ شرح مفصل ] ما هو الميتاسبلويت ؟ 2013_1372709403_694.](http://www.sqebd.com/vb/img2013/2013_1372709403_694.png)
الصوره يصعب علي شرحها بالعربي ، ولكن انصحكم لوجه الله تعالى !
بفهمها باللغة الانجليزية افضل !
Filesystem and Libraries #
The MSF filesystem is laid out in an intuitive manner and is organized by directory.
· lib: the 'meat' of the framework code base
· data: editable files used by Me tasploit
· tools: various useful command-line utilities
· modules: the actual MSF modules
· plugins: plugins that can be loaded at run-time
· scripts: Meterpreter and other scripts
· external: source code and third-party libraries
Libraries
Rex:
· The basic library for most tasks *
· Handles sockets, protocols, text transformations, and others *
· SSL, SMB, HTTP, XOR, Base64, Unicode *
Msf::Core:
· Provides the 'basic' API *
· Defines the Me tasploit Framework *
Msf::Base:
· Provides the 'friendly' API *
· Provides simplified APIs for use in the Framework *
Modules and Locations #
Me tasploit, as presented to the user, is composed of modules.
Exploits:
· Defined as modules that use payloads*
· *An exploit without a payload is an Auxiliary module
Payloads, Encoders, Nops:
· Payloads consist of code that runs remotely*
· Encoders ensure that payloads make it to their destination*
· Nops keep the payload sizes consistent.*
Modules Locations
Primary Module Tree:
· Located under $install/modules//
User-Specified Module Tree:
· Located under ~/.msf3/modules//
· This location is ideal for private module sets
Loading Additional Trees at Runtime:
· Pass the -m option when running msfconsole (./msfconsole -m)*
· Use the loadpath command within msfconsole*
Me tasploit Object Model:
In the Me tasploit Framework, all modules are Ruby classes.
· *Modules inherit from the type-specific class
· The type-specific class inherits from the Msf::Module class*
· *There is a shared common API between modules
Payloads are slightly different.
· Payloads are created at runtime from various components*
· *Glue together stagers with stages
Mixins and Plugins
A quick diversion into Ruby.
· Every Class only has one parent
· A class may include many Modules*
· Modules can add new methods*
· Modules can overload old methods*
* Me tasploit modules inherit Msf::Module and include mixins to add features.
Me tasploit Mixins
Mixins are quite simply, the reason why Ruby rocks.*
· Mixins 'include' one class into another*
· This is both different and similar to inheritance
· Mixins can override a class' methods*
*Mixins can add new features and allows modules to have different 'flavors'.
· Protocol-specific (ie: HTTP, SMB)
· Behavior-specific (ie: brute force)
· connect() is implemented by the TCP mixin
· connect() is then overloaded by FTP, SMB, and others.
Mixins can change behavior.
· The Scanner mixin overloads run()
· Scanner changes run() for run_host() and run_range()
· It calls these in parallel based on the THREADS setting
· The BruteForce mixin is similar
class MyParent
def woof
puts “woof!”
end
end
class MyClass < MyParent
end
object = MyClass.new
object.woof() => “woof!”
================================================== ==============
module MyMixin
def woof
puts “hijacked the woof method!”
end
end
class MyBetterClass < MyClass
include MyMixin
end
Me tasploit Plugins
Plugins work directly with the API.
· They manipulate the framework as a whole*
· Plugins hook into the event subsystem*
· They automate specific tasks which would be tedious to do manually*
Plugins only work in the msfconsole.
· Plugins can add new console commands*
· They extend the overall Framework functionality*
اعلم [FONT=Microsoft Sans Serif][SIZE=2]بأن الشرح لن ينال اعجاب الجميع ، ولكن سوف ينال اعجاب من اراد التطور
وفهم مبادئ الاختراق ومبدأ عمل الميتاسبلويت
الى هنا انهي شرحي ، واتمنى ان يعجبكم
الشرح اهداء /
[ لك انت ولكل الاعضاء ، و للزوار ]
[SIZE=2][COLOR=DarkSlateGray]والسلام عليكم ورحمة الله وبركاته
F avp D ltwg lh i, hgldjhsfg,dj ?
منذ /11-11-2012, 10:20 PM
[ شرح ] [ شرح مفصل ] ما هو الميتاسبلويت ؟
جديد حلول و مشاكل توزيعات أختبار الأخترآق
العرض العادي
