• Built-in modules as well as vulnerabilities external to Metasploit can be used to
escalate privileges.
• Using Meterpreter’s ability to set routes through sessions
created allows you to
pivot to other networks.
• Injecting shell code into running processes as well as using post-exploitation
modules can be used to create backdoors.
• Kali has many ways to research vulnerabilities and exploits, including
searchs‐
ploit
.
Useful Resources
• Offensive Security’s free ethical hacking course,
“Metasploit Unleashed”
• Ric Messier’s
“Penetration Testing with the Metasploit Framework” video
(Infin‐
ite Skills, 2016)
Useful Resources | 203
CHAPTER 7
Wireless Security Testing
To paraphrase Irwin M. Fletcher, it’s
all wireless today, fellas. It really is. Nearly all of
my computers don’t have a way to connect a physical cable anymore. The 8-wire RJ45
jacks used for wired Ethernet are gone because the form factor of the jack was just too
large to be accommodated in today’s narrow laptop designs. In the old,
old days when
we relied on PCMCIA cards for extending the capabilities of our laptops, cards had
click-out connectors that could accept the Ethernet cables. The problem was that they
were typically thin and easy to snap off.
Desktop computers, of course, should you
still have one, will generally have the RJ45
jack for your Ethernet cable, but increas‐
ingly even those have the ability to do Wireless Fidelity (WiFi) directly on the moth‐
erboard.
All of this is to say the future is in wireless in one form or another. Your car and your
phone talk wirelessly. Your car may even talk to your home network wirelessly. Ther‐
mostats, door locks, televisions,
light bulbs, toasters, refrigerators, Crock-Pots, you
name it—versions of all of these products probably have
wireless capability of some
sort. This is why wireless testing is so important and why a fair number of tools will
cover a range of wireless protocols. Over the course of this chapter, we will cover the
wireless protocols that Kali Linux supports with testing tools.
