Priveon Labs Security Blog

 
« Application Whitelisting and MS AuthenticodeEOL for the Cisco Security Agent »

Extend MetaSploit Meterpreter Ruby to Allow Direct Windows API Calls (Railgun)

06/14/10

Permalink 11:58:08 am, by Zach Brewer, 75 words
Categories: General Security, Pen Testing

Extend MetaSploit Meterpreter Ruby to Allow Direct Windows API Calls (Railgun)

An interesting MetaSploit extension was recently posted to the MetaSploit mailing list. Railgun is an extension that allows for direct access to the Windows API (any existing or uploaded DLL on the target system) through Meterpreter. Railgun knows around 1000 API calls out of the box and additional calls can be added through simple Meterpreter/Railgun commands.

Note, this is not an offiical MetaSploit/Rapid7 extension and you assume all risk for downloading the Railgun extension.

PermalinkPermalink

Priveon, Inc.

Today's complex security and networking solutions require a great deal of knowledge to successfully support and operate. Priveon uses the field experience of its expert staff to develop and maintain a positive reinforcement loop between business practices and to provide the latest information to our customers. The information posted here is supported by Priveon subject-matter experts.

Search

Categories

XML Feeds

What is RSS?

Archives

©2010 by Priveon, Inc.