O'Reilly logo

Mastering Metasploit by Nipun Jaswal

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Porting a web-based exploit

The web-based exploits that we are going to cover here are based on web application attacks. The idea behind these exploits is to present Metasploit as a successful testing software for web applications too. In the upcoming section, we will see how we can make exploits for popular attack vectors such as SQL injections and so on. The motive here is to get familiar with web and HTTP functions in Metasploit and their corresponding library functions.

Dismantling the existing exploit

In this case study, we will be talking specifically about SQL injections. However, there are tons of other attack vectors that can be covered in Metasploit. Nevertheless, our motive here is just to get ourselves familiarized with HTTP libraries ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required