Professional Documents
Culture Documents
Download textbook Metasploit Penetration Testing Cookbook Evade Antiviruses Bypass Firewalls And Exploit Complex Environments With The Most Widely Used Penetration Testing Framework 3Rd Edition Daniel Teixeira ebook all chapter pdf
Download textbook Metasploit Penetration Testing Cookbook Evade Antiviruses Bypass Firewalls And Exploit Complex Environments With The Most Widely Used Penetration Testing Framework 3Rd Edition Daniel Teixeira ebook all chapter pdf
https://textbookfull.com/product/quick-start-guide-to-
penetration-testing-with-nmap-openvas-and-metasploit-1st-edition-
sagar-rahalkar/
https://textbookfull.com/product/penetration-testing-with-kali-
linux-offensive-security/
https://textbookfull.com/product/mastering-metasploit-take-your-
penetration-testing-and-it-security-skills-to-a-whole-new-level-
with-the-secrets-of-metasploit-3rd-edition-nipun-jaswal/
Penetration Testing with Raspberry Pi - Second Edition
Mcphee
https://textbookfull.com/product/penetration-testing-with-
raspberry-pi-second-edition-mcphee/
https://textbookfull.com/product/penetration-testing-with-kali-
linux-oscp-offensive-security/
https://textbookfull.com/product/learning-kali-linux-security-
testing-penetration-testing-and-ethical-hacking-first-edition-
messier/
https://textbookfull.com/product/kali-linux-wireless-penetration-
testing-beginners-guide-third-3rd-edition-cameron-buchanan/
https://textbookfull.com/product/practical-web-penetration-
testing-secure-web-applications-using-burp-suite-nmap-metasploit-
and-more-1st-edition-gus-khawaja/
Metasploit Penetration Testing
Cookbook
Third Edition
Daniel Teixeira
Abhinav Singh
Monika Agarwal
BIRMINGHAM - MUMBAI
Metasploit Penetration Testing Cookbook
Third Edition
Copyright © 2018 Packt Publishing
All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form
or by any means, without the prior written permission of the publisher, except in the case of brief quotations
embedded in critical articles or reviews.
Every effort has been made in the preparation of this book to ensure the accuracy of the information presented.
However, the information contained in this book is sold without warranty, either express or implied. Neither the
authors, nor Packt Publishing or its dealers and distributors, will be held liable for any damages caused or alleged to
have been caused directly or indirectly by this book.
Packt Publishing has endeavored to provide trademark information about all of the companies and products
mentioned in this book by the appropriate use of capitals. However, Packt Publishing cannot guarantee the accuracy
of this information.
ISBN 978-1-78862-317-9
www.packtpub.com
Contributors
To my wife and daughter for their continued support, patience, and encouragement, and to
my parents, for without them, none of this would have been possible.
Abhinav Singh is a well-known information security researcher. He is the author of
Metasploit Penetration Testing Cookbook (first and second editions) and Instant Wireshark
Starter, by Packt. He is an active contributor to the security community—paper publications,
articles, and blogs. His work has been quoted in several security and privacy magazines,
and digital portals. He is a frequent speaker at eminent international conferences—Black
Hat and RSA. His areas of expertise include malware research, reverse engineering,
enterprise security, forensics, and cloud security.
I'd like to thank my grandparents for their blessings and my parents for their constant
support—without them, nothing would've been possible in this world. I'd like to thank my
sister for being my doctor and taking care of my fatigue level; my wife for being my
constant timekeeper and a patient listener; Manchester United for teaching me the value of
hard work; and Packt for helping me reach a major career milestone.
Monika Agarwal is a young Information Security Researcher from India. She has presented
many research papers at both national and international conferences. She is a member of
IAENG (International Association of Engineers). Her main areas of interest are ethical
hacking and ad hoc networking.
I would like to thank my parents, my husband, Nikhil, and give special thanks to my
father-in-law and mother-in-law for always being so supportive. And last but not the least,
Packt, for giving me this opportunity.
Mapt is an online digital library that gives you full access to over 5,000 books and videos, as
well as industry leading tools to help you plan your personal development and advance
your career. For more information, please visit our website.
Why subscribe?
Spend less time learning and more time coding with practical eBooks and Videos
from over 4,000 industry professionals
Improve your learning with Skill Plans built especially for you
PacktPub.com
Did you know that Packt offers eBook versions of every book published, with PDF and
ePub files available? You can upgrade to the eBook version at www.PacktPub.com and as a
print book customer, you are entitled to a discount on the eBook copy. Get in touch with us
at service@packtpub.com for more details.
At www.PacktPub.com, you can also read a collection of free technical articles, sign up for a
range of free newsletters, and receive exclusive discounts and offers on Packt books and
eBooks.
Table of Contents
Preface 1
[ ii ]
Table of Contents
Getting ready 57
How to do it... 58
UDP Service Sweeper 59
How to do it... 59
SMB scanning and enumeration 60
How to do it... 60
Detecting SSH versions with the SSH Version Scanner 63
Getting ready 64
How to do it... 64
FTP scanning 65
Getting ready 65
How to do it... 66
SMTP enumeration 66
Getting ready 67
How to do it... 67
SNMP enumeration 67
Getting ready 68
How to do it... 68
HTTP scanning 69
Getting ready 69
How to do it... 70
WinRM scanning and brute forcing 72
Getting ready 72
How to do it... 72
Integrating with Nessus 73
Getting ready 74
How to do it... 75
Integrating with NeXpose 80
Getting ready 80
How to do it... 81
Integrating with OpenVAS 82
How to do it... 82
Chapter 3: Server-Side Exploitation 88
Introduction 88
Getting to know MSFconsole 90
[ iii ]
Table of Contents
MSFconsole commands 90
Exploiting a Linux server 91
Getting ready 92
How to do it... 93
How it works... 96
What about the payload? 96
SQL injection 98
Getting ready 98
How to do it... 99
Types of shell 100
Getting ready 101
How to do it... 101
Exploiting a Windows Server machine 104
Getting ready 104
How to do it... 105
Exploiting common services 110
Getting ready 110
How to do it 110
MS17-010 EternalBlue SMB Remote Windows Kernel Pool
Corruption 111
Getting ready 112
How to do it... 112
MS17-010 EternalRomance/EternalSynergy/EternalChampion 113
How to do it... 113
Installing backdoors 114
Getting ready 114
How to do it... 114
Denial of Service 119
Getting ready 120
How to do it... 120
How to do it... 122
Chapter 4: Meterpreter 123
Introduction 124
Understanding the Meterpreter core commands 125
Getting ready 126
[ iv ]
Table of Contents
[v]
Table of Contents
[ vi ]
Table of Contents
[ vii ]
Table of Contents
[ viii ]
Table of Contents
[ ix ]
Table of Contents
[x]
Table of Contents
[ xi ]
Table of Contents
Index 393
[ xii ]
Preface
Welcome to Metasploit Penetration Testing Cookbook, Third Edition. This book covers various
recipes of performing penetration testing over different platforms using the Metasploit
Framework.
The book will guide you on how to perform a penetration test using the Metasploit
Framework and following the penetration testing execution standard (PTES). Starting with
the basics of information gathering using several auxiliary modules that help you profile
your target and gradually introducing you to advanced topics, such as porting exploits and
building your modules, it will show you how to build a penetration test lab environment,
where you will learn how to find vulnerabilities by enumerating and scanning the different
targets with Metasploit, how to exploit targets using server-side vulnerabilities, and how to
master Meterpreter capabilities while performing post-exploitation.
You will use MSFvenom with custom encoders and trusted certificates to evade anti-virus
solutions, bypass firewalls, and compromise secure networks. This book will show you why
client-side attacks are the number one method to compromise organizations and how to use
Metasploit to mimic the same tactics and techniques used by advanced adversaries. You
will learn how to work with modules, build your own modules, add exploits to the
Metasploit Framework, and leverage Metasploit while performing wireless and cloud-
based penetration tests. It will take your penetration skills to the next level by showing you
how to think and act like the adversary using the most advanced penetration testing
framework in the world.
Chapter 2, Information Gathering and Scanning, discusses passive and active information
gathering with Metasploit, port scanning, scanning techniques, enumeration,
and integration with scanners such as Nessus, NeXpose, and OpenVAS.
Chapter 3, Server-Side Exploitation, includes Linux and Windows server exploitation, SQL
injection, backdoor installation, and Denial of Service attacks.
Chapter 7, Client-Side Exploitation and Antivirus Bypass, explains how to exploit a Windows
10 machine, antivirus and IDS/IPS bypasses, macro exploits, Human Interface Device
attacks, HTA attacks, how to backdoor executables using a MITM attack, and how to create
a Linux trojan and an Android backdoor.
Chapter 8, Social-Engineer Toolkit, includes how to get started with the Social-Engineer
Toolkit, spear-phishing attack vectors, website attack vectors, working with the multiattack
web method, and infectious media generation.
Chapter 9, Working with Modules for Penetration Testing, covers auxiliary modules, DoS
attack modules, post-exploitation modules, and module analyzing and building.
Chapter 10, Exploring Exploits, covers common exploit mixins, generating shellcode with
MSFvenom, converting exploits to Metasploit modules, fuzzing with Metasploit, and how
to write a simple fuzzer.
[2]
Preface
Chapter 11, Wireless Network Penetration Testing, Metasploit and wireless, includes evil twin
attacks, Karmetasploit, wireless MITM attacks, and SMB relay attacks.
Chapter 12, Cloud Penetration Testing, covers how to use Metasploit in the cloud, Metasploit
PHP Hop, performing phishing attacks from the cloud, and setting up a cloud penetration
testing lab.
Chapter 13, Best Practices, includes using Metasploit over the Tor network, Metasploit
logging, documentation, and cleaning up.
Conventions used
There are a number of text conventions used throughout this book.
CodeInText: Indicates code words in text, database table names, folder names, filenames,
file extensions, pathnames, dummy URLs, user input, and Twitter handles. Here is an
example: "Mount the downloaded WebStorm-10*.dmg disk image file as another disk in
your system."
[3]
Preface
def initialize(info={})
super( update_info( info,
'Name' => 'Windows Gather Run Specified WMIC Command',
Bold: Indicates a new term, an important word, or words that you see onscreen. For
example, words in menus or dialog boxes appear in the text like this. Here is an example:
"In VMware Fusion, go to Preferences, select the Network tab, and create a custom
network."
Sections
In this book, you will find several headings that appear frequently (Getting ready, How to do
it..., How it works..., and There's more...).
To give clear instructions on how to complete a recipe, use these sections as follows:
Getting ready
This section tells you what to expect in the recipe and describes how to set up any software
or any preliminary settings required for the recipe.
[4]
Preface
How to do it…
This section contains the steps required to follow the recipe.
How it works…
This section usually consists of a detailed explanation of what happened in the previous
section.
There's more…
This section consists of additional information about the recipe in order to make you more
knowledgeable about the recipe.
Get in touch
Feedback from our readers is always welcome.
General feedback: Email feedback@packtpub.com and mention the book title in the
subject of your message. If you have questions about any aspect of this book, please email
us at questions@packtpub.com.
Errata: Although we have taken every care to ensure the accuracy of our content, mistakes
do happen. If you have found a mistake in this book, we would be grateful if you would
report this to us. Please visit www.packtpub.com/submit-errata, selecting your book,
clicking on the Errata Submission Form link, and entering the details.
Piracy: If you come across any illegal copies of our works in any form on the internet, we
would be grateful if you would provide us with the location address or website name.
Please contact us at copyright@packtpub.com with a link to the material.
If you are interested in becoming an author: If there is a topic that you have expertise in
and you are interested in either writing or contributing to a book, please visit
authors.packtpub.com.
[5]
Preface
Reviews
Please leave a review. Once you have read and used this book, why not leave a review on
the site that you purchased it from? Potential readers can then see and use your unbiased
opinion to make purchase decisions, we at Packt can understand what you think about our
products, and our authors can see your feedback on their book. Thank you!
Disclaimer
The information within this book is intended to be used only in an ethical manner. Do not
use any information from the book if you do not have written permission from the owner of
the equipment. If you perform illegal actions, you are likely to be arrested and prosecuted
to the full extent of the law. Packt Publishing does not take any responsibility if you misuse
any of the information contained within the book. The information herein must only be
used while testing environments with proper written authorizations from appropriate
persons responsible.
[6]
Metasploit Quick Tips for
1
Security Professionals
In this chapter, we will cover the following recipes:
Introduction
Metasploit is currently the world's leading penetration-testing tool, and one of the biggest
open-source projects in information security and penetration testing. It has totally
revolutionized the way we can perform security tests on our systems. The reason
Metasploit is so popular is the wide range of tasks that it can perform to ease the work of
penetration testing to make systems more secure. Metasploit is available for all popular
operating systems. The working process of the framework is almost the same for all of
them. In this book, we will primarily work on Kali Linux as it comes with the preinstalled
Metasploit Framework and other third-party tools which run over the framework.
Let's proceed with a quick introduction to the framework and the various terminologies
related to it:
[8]
Metasploit Quick Tips for Security Professionals Chapter 1
The Metasploit Framework has a modular architecture and the exploits, payload, encoders,
and so on are considered to be separate modules:
Metasploit uses different libraries that hold the key to the proper functioning of the
framework. These libraries are a collection of predefined tasks, operations, and functions
that can be utilized by different modules of the framework. The most fundamental part of
the framework is the Ruby extension (Rex) library. Some of the components provided by
Rex include a wrapper socket subsystem, implementations of protocol clients and servers, a
logging subsystem, exploitation utility classes, and a number of other useful classes. Rex
itself is designed to have no dependencies, other than what comes with the default Ruby
installation.
Then we have the MSF Core library that extends Rex. Core is responsible for implementing
all of the required interfaces that allow for interacting with exploit modules, sessions, and
plugins. This core library is extended by the framework base library, which is designed to
provide simpler wrapper routines for dealing with the framework core, as well as
providing utility classes for dealing with different aspects of the framework, such as
serializing a module state to different output formats. Finally, the base library is extended
by the framework's user interface (UI) that implements support for the different types of
UIs to the framework itself, such as the command console and the web interface.
There are two different UIs provided with the framework, namely msfconsole and a web
interface. Checking out bought interfaces is highly recommended but, in this book, we will
primarily work on the msfconsole interface. This is because msfconsole provides the best
support to the framework, leveraging all of the functionalities.
[9]
Metasploit Quick Tips for Security Professionals Chapter 1
The msfconsole interface is by far the most talked-about part of the Metasploit
Framework, and for good reason, as it is one of the most flexible, character-rich, and well-
supported tools within the framework. It actually provides a handy all-in-one interface for
every choice and setting attainable in the framework; it's like a one-stop shop for all of your
pen-testing dreams. We can use msfconsole to do anything, including launching an
exploit, loading an auxiliary, executing enumeration, producing listeners, or executing mass
exploitations in contrast to an entire network.
A web interface is available for you to work with Metasploit Community, Express, and Pro.
To launch the web interface, open a web browser and go to https://localhost:3790.
To see the operating systems that are currently supported and the
minimum system requirements, please visit https://www.rapid7.com/
products/metasploit/system-requirements.
Getting ready
You will notice that there are four editions of Metasploit available:
To follow along with this book, it is recommended to download the latest framework
edition of Metasploit (https://windows.metasploit.com/metasploitframework-latest.
msi), which contains the console and all other relevant dependencies.
[ 10 ]
Metasploit Quick Tips for Security Professionals Chapter 1
How to do it...
Once you have completed downloading the installer, simply run it and sit back. It will
automatically install all the relevant components. Once the installation is complete, you can
access the framework through various shortcuts created by the installer:
[ 11 ]
Another random document with
no related content on Scribd:
Charlie. Nonthenth! The’ll never know who told. You might ath
well make five dollarth.
Polly. But Mr. Van Tromp might tell.
Reg. (with extreme dignity). Mr. Van Tromp is too much of a
gentleman to either bwibe or tell tales.
Charlie. But he’ll lithen all the thame!
Polly (fearfully). She’s going to wear a white silk one with cardinal
ribbons, and a black lace veil.
Stuart (laughing). I thought that would get rid of them. Well, have
you shown Miss Wortley that you can still be occasionally jolly?
Fred (gloomily). I haven’t had the chance. She must be in her
room, for I’ve looked everywhere else for her. Not that it’s much loss.
I know I should not have been in the mood to please her.
Stuart. That’s because you don’t try hard enough.
Fred (bitterly). Hear the bachelor talk of making love!
Stuart. You think me ignorant?
Fred. Rather,—judging from the results.
Stuart (resting hand on Fred’s shoulder). Fred, I’m not the kind of
a man who lets the world know what he’s thinking about. With all
due respect to a young fellow who is not far distant, it doesn’t pay to
show one’s feelings too much. But I’m going to tell you my bit of
romance as an object-lesson. Two months ago I met the most
charming woman in the world, and could no more help falling in love
—
Fred (looking up in surprise). What! The ideal bachelor in love?
Stuart. I don’t see why two and forty should be debarred from that
universal sensation, any more than four and twenty.
Fred. Oh, of course not,—only, to make an Irish bull, we had all
grown to think you as wedded to celibacy.
Stuart. There are divorces and desertions in celibacy as well as in
matrimony. Well, I love this woman; I don’t think she loves me,—
though you never can tell with a clever one, and sometimes I think
she is beginning to like me, because she—because she tries to make
me believe she is worse than she is. She delights in making me think
she’s a devil, which shows that she is a bit afraid of me. I’ve never
said a word of my love to her, but she knows it as well as I do. But
nobody else dreams of it. I don’t make my attentions so obvious that
every one sees them, and so cause her embarrassment whenever I
even come into the room. I don’t cut up rough if she talks or dances
with other fellows. I simply try to be pleasant and useful enough to
make her prefer my society to that of any other man.
Fred (sighing). Well, of course you are right, but—tell me what you
think I ought to do.
Stuart (walking to desk and holding bell). What do you suppose
would happen if I rang this?
[Rings.
Fred. That doesn’t answer my question.
Stuart. I want to see if the bell won’t save me the trouble.
Enter Polly, l. d.
Polly. Did you ring, sir?
Stuart. Yes, I want to find out if you told the truth about Miss
Wortley’s domino?
Polly (embarrassed). Well, sir, Miss Wortley has two dominos,
and I don’t know which she intends to wear first.
Stuart. What is the other domino like?
Polly. It’s blue with silver lace.
Stuart. What will you charge me to wear the white and cardinal
one this evening, leaving Miss Wortley only the blue and silver one?
Polly (eagerly). Oh, Mr. Stuart, that’s just what I’ve wanted to do,
but haven’t dared! Please don’t tempt me.
Stuart. Fudge! If you’ll do as I’ll tell you, you shall have a year’s
wages to-morrow.
Polly. Gracious!!
Stuart. Is it a bargain?
Polly (eagerly). Yes, sir. What am I to do?
Stuart. H’m. Can you write a good hand?
Polly. Ask Mr. Stevens?
Stuart (reproachfully). Oh, Fred!!
Fred. I don’t know what she means.
Polly. I wrote that note to-day thanking you for the flowers: I write
nearly all Miss Wortley’s notes.
Fred. Bosh!
[During letter-writing he
surreptitiously dives
into inside pocket and
produces glove,
handkerchief, faded
flowers, and letters tied
with ribbon. Examines
letters, and then crosses
to mantel, tears them
up, and throws them
into fire.
[Sits at desk—business of
letter-writing.
Stuart. “My own: Driven to the verge of desperation by the
parasites who cluster about my wealth, I long for nothing but a
refuge. This you can give me, and if you cherish one emotion of
tenderness for me, you will be in the little morning room at twelve.
A.” Address that to Newbank. Now take another sheet. “Reginald: If
you have one spark of affection for me, keep me no longer in
suspense! I shall be in the little morning room over the supper-room
at ten minutes after twelve. Fly then to your loving but unhappy A.”
Address that to Van Tromp. Now, Polly, you must deliver those notes
in person, get into Miss Wortley’s domino, and be here at that time.
Newbank will propose to you, and you must accept him and get rid of
him. Then you must do the same to Van Tromp. Understand?
Polly. Yes, Mr. Stuart.
Stuart. And you mustn’t let them find out their mistake till to-
morrow.
[Exits Polly b. d.
[Looks about.
Fred. But that doesn’t tell me why you asked me to bring you here.
Mrs. V. T. Perhaps to cheat you out of your dance with our host’s
pretty daughter.
Fred. I might answer you in kind. But it’s fairer to tell you that
your mask is no disguise.
Mrs. V. T. You know me?
Fred. Yes. You are “our host’s pretty daughter.”
Mrs. V. T. I am but a poor actress if I have played my part so badly.
Fred. Indeed, no. Even now I find it hard to believe, your acting is
so perfect. If I had not known your domino, I should never have
recognised you.
Mrs. V. T. My domino?
Fred. I overheard it mentioned. I was sorry to learn your secret,
but really I couldn’t help it.
Mrs. V. T. It really does not matter. But I am glad you told me.
Most men would have kept mum and let me talk on about “our host’s
pretty daughter,” and then have never let me hear the last of it.
Fred. I’m afraid I’m no better than the rest of my sex, Miss
Wortley. With most women I should have done that.
Mrs. V. T. And why am I an exception?
Fred. I didn’t want to deceive you.
Mrs. V. T. Why not?
Fred. Because I wanted you to think well of me.
Mrs. V. T. Why, I do that already. If you only knew how I respected
and admired the men who have been real friends, and not seekers of
my money!
Fred. Miss Wortley, I thank you for your kind thoughts of me, but
you mustn’t think them any longer.
Mrs. V. T. Why not?
Fred. Because I don’t deserve them. Do you remember our first
meeting?
Mrs. V. T. (aside). Gracious! I hope I’m not to be cross-examined.
(Aloud, hesitatingly.) It was on a yacht, wasn’t it?
Fred. After that cruise I came back to my desk and bachelor
quarters, but neither they nor I have been the same since. It’s always
seemed to me as if a bit of heaven had come into my life in those
days. Every hour since has been consecrated to an ideal. I have
worked as I was never able to work before. And why? Because I was
straining every fibre to win money and position enough to be able to
come to you and say: “Miss Wortley, I love you as a man must love
one so sweet and beautiful. I’m not rich, but if you can care for me
enough to make a few sacrifices I will try and keep you from
regretting them, by love and tenderness.”
Mrs. V. T. But, Mr. Stevens, you seem to forget that the man I
marry will be made rich at once. (Aside.) Ugh, I feel like a brute.
Fred. I’ve tried to forget it, but I couldn’t. It has come between us
in the past; is it to do so in the future?
Mrs. V. T. Mr. Stevens, I can’t tell you my grief in finding you like
the rest of my disinterested masculine friends.
Fred (hotly). You think I care for your money?
Mrs. V. T. What else can I think? (Aside.) You cat!
Agnes (starting to pull aside curtain, sotto voce to Stuart). Oh! I
mustn’t—
Stuart (checking her). No, don’t interfere, Mrs. Van Tromp. Let
the poor fellow take the whole dose while he’s about it.
Fred (who has gone up back and now comes down). Miss
Wortley, do you realize what you are saying? In the last minute you
have three times deliberately insulted me. Say you don’t love me, if
that is so, but don’t impute shameful motives to my love. It is of
value to me if worthless to you.
Mrs. V. T. Mr. Stevens, frankness under such circumstances is best
for all. Put yourself in my place. I am an heiress, with expectations
from my father. You acknowledge yourself that you are poor. Don’t
blame me if I draw my own conclusions.
Fred. But I will blame you, and it is the last time I shall ever
trouble you. You ask me to put myself in your place: let us try the
reverse. I offer you a love as true and unmercenary as was ever
offered a woman. What do I deserve at your hands? Mercy, at least.
But instead, you—you have not been content to reject it—you have
poisoned it forever.
[Comes out c.
Stuart. Here is the minx who can make all clear. Polly, did Mr.
Newbank propose to you?
Polly. Yes, sir.
Reg. Oh, deah, how funny! Haw, haw, haw! But then, people in his
station always do take maids. Pwoposing to a servant!
Polly. But you proposed to me too, Mr. Van Tromp.
Charlie (laughing very hard). Holy Motheth, but I thall thertainly
die of laughing!
Polly. Please, Miss Wortley, forgive me?
Stuart. Yes. Remember what she has done for (points to Fred and
Agnes) you two.
Fred. And for (pointing at Stuart and Mrs. V. T.) those two.
Agnes. But she must have a lesson.
Stuart. Why, we’ve all had a lesson—on the mysterious means
Cupid employs to accomplish his purposes.
Mrs. V. T. Verily ’tis so:
“Love goes by haps,
Some Cupid kills with arrows, some with traps.”
Curtain
TRANSCRIBER’S NOTES
1. Silently corrected obvious typographical errors and
variations in spelling.
2. Retained archaic, non-standard, and uncertain spellings
as printed.
*** END OF THE PROJECT GUTENBERG EBOOK TATTLE-TALES
OF CUPID ***