This week the guys over at Offensive Security officially added Metasploit Pro to their curriculum for the class Penetration Testing with BackTrack. For those not familiar with it, BackTrack is a Linux distribution that includes a lot of tools for penetration testing. Since 2006, it has been downloaded three million times and has become the most widely used collection of penetration testing tools. BackTrack is funded by Offensive Security, who in turn teach people how to use it.
Penetration Testing with BackTrack (PWB) is a phenomenal course that is well respected in corporate and open source circles alike. The fact that Metasploit Pro is now included in the course is excellent - and it makes sense. Feedback from industry experts on VPN pivoting in Metasploit Pro has been fantastic (check out this VPN pivoting introduction and this VPN pivoting how-to) but the question that keeps coming up is: What can I do once I have set up a VPN pivot?
Penetration testers using Metasploit Pro can now route all BackTrack Linux tools through a compromised target using VPN pivoting.
Installing Metasploit Pro on BackTrack answers that question ten-fold. BackTrack has a ridiculous amount of reconnaissance, analysis and attack tools for you to choose from. In addition to running Metasploit Pro, how about some packet analysis with Wireshark? Maybe a nice man-in-the-middle attack to intercept PII (personally identifiable information) with Ettercap? How about we find a vulnerable wireless access point and clone it to grab everything from everybody using Karmetasploit (also an HD Moore project)? Using Metasploit Pro's VPN pivoting, you can tunnel all of these tools through a pwned host.
There are over 300 different tools that ship with BackTrack for every type of penetration testing work imaginable. Once you open the door with Metasploit Pro, the sky is the limit. You can find the Offensive Security blog post here. An excerpt:
"On a more personal note, like many people, I was a little uncertain when hearing about the acquisition of Metasploit by Rapid7 but they have demonstrated that they are dedicated to keeping the open-source version of Metasploit alive and well and Metasploit Pro is clearly an excellent product. From the ability to import multiple external file formats to the VPN pivoting to the wide range of reporting options, Metasploit Pro will be a great timesaver for those who choose to use it as their penetration testing tool of choice."
A big thank-you shout out to our friends at Offensive Security!