Date of Award

12-2022

Degree Type

Thesis

First Advisor

Christopher Ivancic

Second Advisor

Timothy Nix

Third Advisor

Brian Barngrover

Fourth Advisor

Jeffrey Zheng

Abstract

Metasploit Framework is a very popular collection of penetration testing tools. From auxiliaries such as network scanners and mappers to exploits and payloads, Metasploit Framework offers a plethera of apparatuses to implement all the stages of a penetration test. There are two versions: both a free open-source community version and a commercial professional version called Metasploit Pro. The free version, Metasploit Framework, is heavily used by cyber crimininals to carry out illegal activities to gain unauthorized access to targets.

In this paper, I conduct experiments in a virtual environment to discover whether attacks originated from Metasploit Framework are marked with unique patterns and features so that these special characteristics can help identify and block Metasploit Framework attacks. Inside this virtual environment, I will set up two virtual machines: one attacker and one victim. The victim machine is designed to have vulnerabilities for penetration testing. The attacker virtual machine will attack the victim machine by using Metasploit Frameowrk. Wireshark will be used to capture and analyze the packets. The conclusion reached from the experiment results is that, even though the attacks from Metaploit Framework share certain common patterns, these characteristics are not significant enough to be used to create scanners or alerts with to keep victim machines immune from the attacks. The Metasploit Framework attacks keep evolving and it is still a very lofty goal to block cyber attacks from Metasploit Framework. This paper shares the experiment process, data and insight with readers.

Creative Commons License

Creative Commons License
This work is licensed under a Creative Commons Attribution-Noncommercial-No Derivative Works 4.0 License.

Download

Share

COinS

Tell us how this article helped you.

 
 

To view the content in your browser, please download Adobe Reader or, alternately,
you may Download the file to your hard drive.

NOTE: The latest versions of Adobe Reader do not support viewing PDF files within Firefox on Mac OS and if you are using a modern (Intel) Mac, there is no official plugin for viewing PDF files within the browser window.