Metasploit Tool Finds Vulnerable Services

Monday, March 6, 2017 @ 02:03 PM gHale


There is now an open source tool that can copy vulnerable services and help researchers get more from Metasploit.

Designed to help security researchers understand security from the attacker’s perspective, Metasploit, while a very useful tool, had a deficiency because the researcher needed to have the vulnerable services in hand.

RELATED STORIES
Microsoft Doubles Bug Rewards – For Now
Decryptor for MacOS Ransomware
New Messy Mac Ransomware
Updated Ransomware Includes RaaS

Vulnerable OS images have previously been available, but they weren’t enough, as only a “small subset of the thousands of Metasploit modules available for users” were in them.

Available on GitHub, the Vulnerable Services Emulator, however, comes to solve that problem, Rapid7’s Jin Qian said in a blog post. It is a framework to allow researchers to easily copy the vulnerable services for penetration testing purposes.

“Right now, it emulates over 100 vulnerable services, covering things like compromising credentials, getting a shell from the victim, and more,” Qian said. “After going through module exercises, users can learn details about security vulnerabilities and how to test them, and are encouraged to continue to learn and play with Metasploit’s capabilities.”

The tool is easy to install and use, Qian said. It requires a working Perl installation for Windows, Mac or Linux. Moreover, the emulator is language independent, with the service emulation in JSON format.

One thing that users should keep in mind when running the emulator, however, is “the commands typed on the shell session spawned are actually executed on the target.” Anyone using the emulator should run it in a safe environment to avoid any issues.

The goal of the Vulnerable Services Emulator is to help IT professionals and engineers easily test Metasploit modules, as well as to get training on Metasploit. At the moment, the tool includes support for over 100 emulated vulnerable services, but work is being done to add “as many of the 1000+ modules in Metasploit as possible.”



Leave a Reply

You must be logged in to post a comment.