Was it a bad idea for me to attempt to download Metasploit?
I was trying to get a copy of it on to my thumbdrive, and I ended up getting virus warnings about several infected files, including a registry key.
Thoughts?
Dom
-whoopsiedoodle.
If you need to ask that question then you shouldn't bother downloading Metasploit.
Was it a bad idea for me to attempt to download Metasploit?
I was trying to get a copy of it on to my thumbdrive, and I ended up getting virus warnings about several infected files, including a registry key.
Thoughts?
Depends on what you're trying to achieve. Metasploit is a very useful tool for probing and exploiting vulnerabilities – and so it comes with lots of exploit code. Which is just what malware protection software tries to catch.
If you are using an inflexible malware protection, you've probably got most of it deleted or quarantined.
But that's par for the course: if you plan to do any pen testing, you either choose a decent malware scanner that allows you to have the last word, or you don't use one at all. But I suspect you'll find the pen test experts in other forums – there seems to be little use for Metasploit in CF.
It's a bit like trying to bring a 'do-it-yourself-murder' kit, containing all kinds of strange scalpels and razors, through airport security without anything identifying you as having a legitimate use for such devices.
Thanks for the non-snarky answer.
I want to have Metasploit in order to be able to fiddle with it and understand it. But, the malware detector is going to see Metasploit as exactly the bad thing that it is supposed to be catching.
In Forensic terms, the value of Metasploit is in understanding the sorts of tools and techniques that the "other guy" is going to use to attack a system.
Dom
-can see where the problem arose….
If you're trying to learn how hackers do their thing then just understanding Metasploit is the tip of the iceberg. You should look at the wider context, around portscanners and vulnscanners, banner grabbing and OS fingerprinting, phishing and malware and networks and everything in between.
Best way to do all of that is to download BackTrack and have a play on your own computer; there are some VM images of exploitable machines that you can download to try. But you really need to play with a Linux box like BackTrack.