As an IT Administrator, your role is to ensure that the company SharePoint Environment is not only built correctly but also securely. SharePoint does not have a mechanism that notifies you how secure or insecure the system may be. Using Metasploit and some associated tools, you will be able to simulate attacks, whether from inside or outside the network. This will allow you to know how secure your SharePoint Environment is, well, until your users get access.
Exploitation and Payload Techniques
In this module we'll focus on the exploitation steps. We'll then look at creating an executable payload, and then we'll look at creating a reverse shell using Meterpreter, and we'll do that in multiple ways. First off, we'll do it using the executable payload that we generated, and then we'll do it using Metasploit itself. The exploitation steps can be broken into four blocks. The first one, which we've talked about in previous modules, is to identify targets. So we're going to be trying to run network scans, ping commands, whatever it would be, to try and identify the IP addresses of the machines, target devices, whatever it would be that we wish to exploit. Then we'll actually select the exploit that we wish to use, whether it's going to be an HTTP exploit, whether it's a Windows exploit, whether it's something else: something that's a vulnerability in the target machine or device. Once we've packaged and chosen the exploit, then we'll create a listener, and the listener is the piece on our hack machine that the target machine will communicate back to. Once we've identified the target, chosen the exploit, and configured it for a listener, then we actually run the exploit itself, whether that's as simple as double-clicking an executable, opening a PDF, browsing to a malicious website, or just a brute-force push of something, perhaps over an SMB attack. The process is the same. It runs and connects back to that listener on our hack machine. So let's get straight to it. Let's look at creating a standalone executable payload, and then we'll look at creating a reverse shell using Meterpreter, and we'll also look at a couple of different ways to utilize those payloads.
Pivoting, Port Forwarding, Token Stealing, and Impersonation
Hello, and welcome to this module, Pivoting, Port Forwarding, Token Stealing, and Impersonation. In this module we'll run commands remotely on a target machine, we'll relay traffic through using port forwarding, and then we'll look at elevating security access through the use of a tool called Incognito that's built into Metasploit.
Metasploit and SharePoint
Welcome to this module, module six, Metasploit and SharePoint. In this module we'll go through some basic reconnaissance as we look for target machines. We'll scan for those server targets, we'll gain access to them, and then we'll look at maintaining access to be able to get in afterwards. This module will focus on bringing everything together that we've learnt so far into a real world environment. Our environment that we'll be using has a hacker machine, three servers connected to a network. We then have our hacker machine connected to an outside network with a middle tier box, so we're using the same environment that we used earlier. These machines are all connected. You'll see we have Metasploit on the one side, a Windows 8.1 machine as the middle gateway, and then we have a domain controller, SharePoint, and then the most important box in all of the equation, the database on the far side, SQL 2014. And our steps for this process are we want to gain access to the SharePoint environments, we want to use Metasploit to be able to gain access to those, but more importantly, we also want to look at the surrounding applications and use those as a gateway access into the SharePoint environment. So let's get straight to it. Let's scan for targets. Let's fingerprint them. Let's look at payload and exploitation configuration. Let's look at exploiting Active Directory, and then exploiting the SQL Server.
Protecting SharePoint from Metasploit
Hello, and welcome to this module, module seven, Protecting SharePoint from Metasploit. Now in the past six modules we have focused on learning Metasploit, and then looked at attacking various auxiliary server components such as SQL and Active Directory as a means to get to the SharePoint environment. In this module, however, we'll actually go back and deconstruct the attack and we'll look at blocking the Active Directory attack, just some simple things we can do that would have stopped that from happening. We'll block the SQL Server attack and go through the same process, and then we'll look at protecting SharePoint as a whole from those kinds of attacks. So let's get straight to it. Let's go and look at how to block the Active Directory attack.