
Just read OffSec's docs on metasploit, got some questions.

Question asked by Theodoros Ntakouris on Jan 2, 2017
Latest reply on Jan 12, 2017 by Theodoros Ntakouris

Hello guys, new member here!


Let me get a few things straight: I am already an intermediate-level programmer in Java (ready to hire, I'd say). I have experience with Linux and technologies like Docker, etc., so go hard on me. I recently read through OffSec's Metasploit documentation (https://www.offensive-security.com/metasploit-unleashed/ - almost everything) and I want to ask some stuff.

1. Why do I see tutorials/posts of people not importing nmap scans to msf, while also saving to a file for later use? They do use Metasploit afterwards...
2. When does Meterpreter start to get detectable by anti-virus systems? I know that reflective DLL loading is very hard to detect if it doesn't touch the disk, but nearly all Meterpreter commands touch the disk.
3. Are more than 4 (or more than 1, really) encoder passes worth it in order to evade antivirus? (I get the whole prohibited characters issue, but avoiding antiviruses that easily seems a lie.)
4. Are there any serious advantages that nmap has over Metasploit's port scanners? It would be great if you could name a few.
5. Do encoders add NOP slides automatically at random, or with some predefined strategy?
6. Why do some post exploits (e.g. running _ after establishing Meterpreter with a Windows machine) tell you other possible vulnerabilities to exploit? Isn't it kinda useless? You already got control of the machine.
7. What's up with the whole sslstrip thing? Does it really show 503 errors on the victim's computer, slow down the internet connection and occasionally fail to work whenever HSTS headers have already been received from the victim?
P.S. NCat is amazing
