Loading...

Messages

Proposals

Stuck in your homework and missing deadline? Get urgent help in $10/Page with 24 hours deadline

Get Urgent Writing Help In Your Essays, Assignments, Homeworks, Dissertation, Thesis Or Coursework & Achieve A+ Grades.

Privacy Guaranteed - 100% Plagiarism Free Writing - Free Turnitin Report - Professional And Experienced Writers - 24/7 Online Support

How to change ip address in metasploitable

27/10/2021 Client: muhammad11 Deadline: 2 Day

Linux Commands

This lab will follow a database penetration test from beginning to end in order to illustrate, in a hands-on way, the steps necessary to fully compromise a database. You will use a Metasploit module to identify an account you may use to login. Once logged in you will use SQL commands to explore the database.

1. If Metasploitable isn't already running launch the Metasploitable VM.

2. At the user logon prompt type: msfadmin

3. At the password prompt type: msfadmin

4. Type: ifconfig

a. Paste your screenshot here:-

5. Record the IP address here: This is your RHOST or ‘remote host’

Now switch to Kali.

6. Open a shell by clicking on the black box next to the word “Places”.

7. Type: service postgresql start

a. Paste your screenshot here:-

8. Type: msfconsole

a. Paste your screenshot here:-

9. Scan your target for database technologies. Try to identify running database services on your target’s ports.

a. Type: nmap x.x.x.x (substitute x.x.x.x for the ip address of your REMOTE host)

b. Paste your screenshot here:-

Success! We’re identified multiple instances of database technologies running on our target. Let’s choose a service to target. For this example we’ll select MySQL.

10. Metasploit has multiple MySQL exploits.

a.Type: search mysql

b. Paste your screenshot here:-

11. Type: use auxiliary/scanner/mysql/mysql_login

12. Type: info

13. Type: set rhosts x.x.x.x (substitute x.x.x.x for the ip address of your REMOTE host)

14. Type: set username root

15. Type: set stop_on_success true

16. Let’s confirm the changes you made took. Type: info

17. a. Paste your screenshot here:-

18. Type: exploit

a. Paste your screenshot here:-

You determined the username root has no password. Congratulations. Let’s test our access to the MySQL database.

19. Open a new shell by clicking on the black box to the right of the word “Places”.

20. Type: mysql –h x.x.x.x –u root (substitute x.x.x.x for the ip address of your REMOTE host)

a. Paste your screenshot here:-

21. Type: show databases;

a. Paste your screenshot here:-

22. Let’s pick a database and explore it. Type: use dvwa;

a. Paste your screenshot here:-

23. Now that we’ve picked a database let’s view the tables. Type: show tables;

a. Paste your screenshot here:-

24. Let’s see what data is being held in this table. Type: show columns from users;

a. Paste your screenshot here:-

25. Columns of interest are “user” and “password”. Type: select user, password from users;

a. Paste your screenshot here:-

26. You’ve successfully scanned for a database technology, found a vulnerable database service running on a target’s port, located the appropriate exploit for use and ran it. Now try exploiting a different database vulnerability, such as Postgresql.

Congratulations, you’ve used a Metasploit module to attack a database. You’ve accessed a database, enumerated the tables, identified fields of interest, and inspected their contents.

W

In this lab we are going to set up your Kali and Metasploitable VMs for use in our weekly labs.

We'll run the virtual machines, gather their IPs, and confirm they are able to send/receive traffic between each other.

There are only a few questions but be sure to answer them so the work you perform may be captured for grading purposes.

Preamble.

You will need to download your chosen Virtual Machine Manager (VM) choose the VM that works for your operating system

For Windows

http://www.vmware.com/ - Downloads – VMWare Player

https://www.virtualbox.org/wiki/Downloads

For OSX (Mac)

http://www.vmware.com/ - Downloads – VMWare Fusion (NOTE – This software is not free you can only download a 30 day trial)

https://www.virtualbox.org/wiki/Downloads

Next Download Kali Linux

https://www.kali.org/downloads/

Select Kali Linux 32 Bit and click the direct link for ‘ISO’

Download Metasploitable Linux (This is our target operating system)

https://sourceforge.net/projects/metasploitable/

Click the green button marked ‘download’

Next is installation

https://www.youtube.com/watch?v=a0X9-lCOsEo This Video will guide you through installing Metasploitable using virtual box – the process is similar for VMWare

https://www.youtube.com/watch?v=FVmWMogGX4Q This Video will guide you through installing Kali Linux in Virtual Box – the process is similar for VMWare

During the installation make sure that the password you select for the ‘root’ account is toor

During the installation you will be asked to give your kali VM a ‘hostname’ please make sure that you put your name as the hostname for the machine.

Class: SEC6070

Name:

Date:

1. Open VMware Workstation.

2. Start your Kali and Metasploitable VMs.

Both your Kali VM and your Metasploitable VM should be running.

3. Select Kali linux

4. Type this username at the login prompt: root

5. Type this password: toor

We need to change the default password because it's not secure.

While the password we're changing it to isn't necessarily secure (for the sake of simplicity in this class) we still need to change it on principal.

6. Open a shell. (Look for a small black box at the top left of your screen.)

7. Type: passwd

a. Paste your screenshot here:-

8. Type: wilmuabc (it will ask you to repeat the password)

9. Type: ifconfig

a. Paste your screenshot here:-

10. Record your IP address here:

ANSWER:

NOTE IN ALL FURTHER WORKSHEETS UNLESS OTHERWISE TOLD THIS WILL BE YOUR ‘LHOST’ OR LOCAL HOST

11. Let's double-check no firewall is running.

a. Type: iptables -L (All policies should be set to "ACCEPT".)

b. Paste your screenshot here:-

12. Press ctrl+alt to escape your Kali VM.

Now let's switch our focus to the Metasploitable VM.

13. At the user logon prompt type: msfadmin

14. At the password prompt type: msfadmin

This is an intentionally vulnerable system so there's no point in changing the password from the default.

15. Type: ifconfig

b. Paste your screenshot here:-

16. Record the IP address here:

NOTE IN ALL FURTHER WORKSHEETS UNLESS OTHERWISE TOLD THIS WILL BE YOUR ‘RHOST’ OR REMOTE HOST

Now we know the IP addresses of our Kali and our Metasploitable VMs.

Let's test connectivity.

17. You should still be at the Metasploitable prompt.

a. Type: ping {insert the IP address of your Kali VM}

b. Press ctrl+c to stop the ping.

c. Paste your screenshot here:-

Now let's verify connectivity from the Kali VM.

18. Switch your focus to the Kali VM. (Reminder: Press ctrl+alt to escape the Metasploitable VM.)

19. Click on "Applications-Internet-Firefox Web Browser".

20. Once Firefox opens type the IP address of your Metasploitable VM in the address field and navigate to it.

You should navigate to a running web service.

a. Paste your screenshot here:-

Listed on your webpage should be a list of vulnerable web services that we will be testing against later in the class

Once you have completed this worksheet please submit it for grading via the link on blackboard

Linux Primer with Kali

Class: SEC6070

Name:

Date:

This lab is meant to familiarize you with the Linux operating system.

While it is not meant to make you a Linux power user, it is meant to make you comfortable with moving around the operating system.

We won't go over the file system hierarchy or delve into the more technical aspects of how Linux works but we will go over common commands so you have a working knowledge of Linux.

Linux commands will still be provided to you in future labs but it is important that, as an IT professional, you memorize these commands.

*Special Note: Unlike Windows, Linux shell commands and paths are case sensitive.

1.Open VMware Workstation/Virtual Box and launch the Kali VM.

We'll start by learning to move around Linux.

2. Launch a shell. (It's the black box icon to the right of Applications, Places, System.)

a. Paste your screenshot here:-

3. Type: whoami (This is the account you're logged in with.)

a. Paste your screenshot here:-

4. Type: pwd (pwd stands for "present working directory")

a. Paste your screenshot here:-

5. Type: ls –alF

a. Paste your screenshot here:-

b. What does this command do?

c. What does the ‘switch’ –alF achieve?

6. Type: cd /

a. Where does this command put you in the file system ‘tree’?

7. Hit the up arrow on your keyboard and then hit it again.

Observe that it shows you your previous commands.

This is a big time saver.

8. Type: ls /usr/share

a. Paste your screenshot here:-

Notice all of the tools.

These are your penetration testing tools.

9. Type: cd .. (This will take back to your parent directory.)

10. Type: pwd

a. Paste your screenshot here:-

Where are you now?

11. Type: clear

a. What does this command do?

12. Type: history

a. Paste your screenshot here:-

b.What does history show you?

13. Type: {press the spacebar} date

14. Hit the up arrow twice and hit enter.

a. Paste your screenshot here:-

b. What didn't the history command show you?

c. Why is this important?

15. Type: clear

All software, drivers, drives, etc, are considered files in Linux.

There are many useful commands to perform searches and queries on files in a Linux operating system.

16. Type: locate gunzip

a. Paste your screenshot here:-

17. Type: find /usr/share | more (Hit ctrl+c to stop the output.)

a. Paste your screenshot here:-

18. Type: whereis msfconsole

a. Paste your screenshot here:-

19. Type: whatis motd

a. Paste your screenshot here:-

Linux has many text editors available for use:

20. Type: cat /usr/share/doc/funkload/examples/demo/cmf/passwords.txt

a. Paste your screenshot here:-

b. What did "cat" do?

c. Are able to edit the file?

21. Type: nano /usr/share/doc/funkload/examples/demo/cmf/passwords.txt

a. Paste your screenshot here:-

Nano is considered to be easier to use for users new to Linux text editors.

When you type you immediately begin editing the file.

Press ctrl+x to exit.

Press "n" to not save any changes.

Sometimes you need to learn more about commands you are not familiar with.

22. Type: man top

a. Paste your screenshot here:-

b. What does the man page description indicate the "top" program does?

c. Type: q

23. Type: info man

a. Paste your screenshot here:-

To exit type: q

(Sometime people find it easier to read info pages as opposed to man pages.)

24. Type: top -help

a. Paste your screenshot here:-

b. What is printed to the screen?

Let's look at a few Linux networking related commands that are useful to know:

25. Type: ifconfig

a. Paste your screenshot here:-

b. What is the IP address?

26. Type: route

a. Paste your screenshot here:-

b. What is the gateway?

27. Type: cat /etc/hostname

a. Paste your screenshot here:-

b. What is the hostname?

If your hostname is not your name

Type nano /etc/hosts

Delete ‘Kali’

Replace it with your own name

Save and exit

a. Paste your screenshot here:-

28. Type: cat /etc/resolv.conf

a. Paste your screenshot here:-

b. What is the address of the nameserver (aka DNS server):

29.Find the "sudoers" file.

Read its contents.

a. Paste your screenshot here:-

b. What is the exact location of the sudoers file?

c. What commands may members of the sudo groups execute?

30. Edit the hostname of your machine, type :nano /etc/hostname

delete ‘kali’

add your name in its place

press ctrl x

yes to save changes

enter to quit

a. Paste your screenshot here:-

There are many more commands used in the Linux operating system.

There are also multiple scripting languages available, the most common of which is BASH.

You are encouraged to continue learning more about the Linux operating system as it is responsible for running most of the machines we interact with on regular basis.

Once you have completed this worksheet please upload it via the link on blackboard for grading

Introduction to Metasploit - A Tour

Class: SEC6070

Name:

Date:

What is Metasploit?

Metasploit is an open source framework for exploitation that has transcended its humble beginnings and become a "penetration testing environment suite" - my interpretation. I say this because you are now able to use Metasploit to accomplish any task in the penetration testing phase and based on your findings you may choose a tool/methodology, modify an existing tool/methodology, or create a new tool/methodology to accomplish your goal.

While most penetration testing options like Canvas have additional options and features, none provide you with the freedom and flexibility that Metasploit does. So while Kali is a wonderful Linux-based operating system loaded with tools, a pentester has everything he or she needs in Metasploit. As you will soon learn in this course, Metasploit has reconnaissance tools (discovery and vulnerability scanners), malicious code generators, evasion apps so your exploit doesn't get caught by IPS or antivirus, password attack tools, and many, many more.

PLEASE DON’T CONFUSE METASPLOIT (THE FRAMEWORK) WITH METASPLOITABLE (THE VULNERABLE BY DESIGN OPERATING SYSTEM)

1.Open VMware and launch the Kali VM and login as root with your password wilmuabc.

2. Launch a terminal (shell). (It's the black box icon to the right of Applications, Places.)

3. Type: msfconsole

Wait patiently for Metasploit to load.

a. Once loaded paste your screenshot here: -

4. Open another terminal and type: env

a. Paste your screenshot here: -

(View the PATH variable. When you attempt to execute a program Linux looks at all of the paths in the PATH environment variable to find and execute the program. That's why you may type "msfconsole" and the program executes.)

5. If you visit the Rapid7 website (https://www.rapid7.com/) you will find you have the option to register for notifications, support, and updates of Kali.

Rapid7 has moved away from using SVN for code management to Git.

For our purpose, here it doesn't matter but if you enjoy working on the bleeding edge of distros you may want to register and upgrade to the latest version.

a. Paste your screenshot here: -

6. Switch your focus back to the Metasploit shell. Look at the information under the banner and answer the questions below about the various modules available.

6a. How many exploits does Metasploit have:

6b. How many auxiliary exploits does Metasploit have:

6c. How many post modules does Metasploit have:

6d. How many payloads does Metasploit have:

6e. How many encoders does Metasploit have:

6f. How many nops does Metasploit have:

Metasploit Modules Breakdown

I've defined Metasploit's modules below.

Take the time to read them so you have a better understanding of their purpose and use.

Exploits - Pre-packaged malicious executables that takes advantage of a vulnerability to gain access to a system and deliver a payload.

Payloads - Can be a variety of applications/configurations used to establish foothold on system post-exploitation. Examples are reverse shells that call home or stagers for further exploitation and persistence. Meterpreter is a particularly useful and commonly used payload shell.

Encoders - Obfuscates exploits and payloads so they can't be fingerprinted by AV or IDS/IPS definitions.

Auxiliary - Attack components such as DoS tools, buffer overflows, SQL injection apps, fuzzers, and more.

Post - Automation modules for post-exploitation. Tools to further establish access on a system or network like keystroke loggers and privilege escalators.

NOPs - NOP sled tools such as buffer overflow reference material for custom NOP sleds. For simplicity's sake we'll say NOP sleds tell a processor to do nothing for a specified number of clock cycles, thereby increasing the chances of your code executing successfully.

With that brief introduction behind us let's learn by doing.

*You may want to maximize your terminal to full screen.

7. Type: help (Notice the list of commands available to you in Metasploit.)

a. Paste your screenshot here:-

8. Type: show exploits (Wait patiently for the Metasploit database to be queried and print the results to your terminal.)

a. Paste your screenshot here:-

b. Notice the format: Name, Date, Rank, Description

c. What is the date of the "windows/http/sonicwall_scrutinizer_sqli" exploit?

d. What is its rank?

e. What is its description?

9. Encoders allow you to encode your payload so it doesn't trigger antivirus or IDS tools like McAfee's HBSS.

This is very important to know and understand because most AV and IDS tools aren't going to catch your payload if you encode it.

a. Type: show encoders

b. Paste your screenshot here:-

c. Find and document an encoder of your choice here:

10. Payloads are the deliveries we will make to the system we are exploiting.

a. Type: show payloads

b. Paste your screenshot here:-

c. Find and document a payload for the Mac OS here:

a. Paste your screenshot here:-

11. We will use auxiliary modules quite a bit. There are a variety of community provided penetration testing tools located here.

a. Type: show auxiliary

b. Paste your screenshot here:-

c. Does the auxiliary module contain scanners?

d. If so list them here :-

Now let's get down to business and pretend we are professional penetration testers researching a strategy to gain access to an industrial control system network such as a water treatment plant.

12. We need to find a Windows SCADA exploit.

a. Type every word after this colon: search windows/scada

b. Paste your screenshot here:-

13. Let's learn more about a particular module we found in our search results to confirm it will be useful to us.

a. Type: info windows/scada/moxa_mdmtool

b. Who provided this exploit?

c. What are the options available for this exploit?

d. What references are available?

e. What does the description tell us this module does?

14. This may be the exploit we need to compromise the system.

a. Type: use windows/scada/moxa_mdmtool

b. Paste your screenshot here:-

c. Type: show payloads

d. Document two payloads you would might use that are available for this exploit:

e. Paste your screenshot here:-

15. Type: show advanced

a. These advanced options, for the most part, won't normally be changed by you. You will want to change them in some cases though. Scroll down to the SSL option. It's currently set to false. If you were running a reverse shell out of a network you may want to enable SSL not only to potentially hide your activity but to also protect your client. The last thing you want to do expose the client's data to a third party because you transferred it in clear text over the internet.

16. Type: show options

a. Paste your screenshot here:-

b. These are the setting the exploit currently has.

17. Type: info

a. Paste your screenshot here:-

17. Type: help

a. Paste your screenshot here:-

b. What command would you type to verify a system is vulnerable to this exploit?

c. What command would use to execute the exploit?

19. Type: exit

Now let's take a look at how Metasploit's file system is organized.

20. Type: cd /usr/share/metasploit-framework/modules

a. Type: ls (You should recognize the high level organization.)

b. Paste your screenshot here:-

21. Type: cd exploits

a. Type: ls

b. Paste your screenshot here:-

(As you can see, you may drill down in each folder to view available tools Metasploit offers. Although this isn't necessary, it is good to understand how the Metasploit is organized for troubleshooting modules.)

You've gained a basic understanding of Metasploit's organization and how to explore this popular open source penetration testing tool suite. We'll gain a higher level of understanding and take part in a more advanced use of Metasploit in subsequent labs.

Please upload this worksheet via the link provided in Blackboard

Database Attack Lab

Class: SEC6070

Name:

Date:

This lab will follow a database penetration test from beginning to end in order to illustrate, in a hands-on way, the steps necessary to fully compromise a database. You will use a Metasploit module to identify an account you may use to login. Once logged in you will use SQL commands to explore the database.

1. If Metasploitable isn't already running launch the Metasploitable VM.

2. At the user logon prompt type: msfadmin

3. At the password prompt type: msfadmin

4. Type: ifconfig

a. Paste your screenshot here:-

5. Record the IP address here: This is your RHOST or ‘remote host’

Now switch to Kali.

6. Open a shell by clicking on the black box next to the word “Places”.

7. Type: service postgresql start

a. Paste your screenshot here:-

8. Type: msfconsole

a. Paste your screenshot here:-

9. Scan your target for database technologies. Try to identify running database services on your target’s ports.

a. Type: nmap x.x.x.x (substitute x.x.x.x for the ip address of your REMOTE host)

b. Paste your screenshot here:-

Success! We’re identified multiple instances of database technologies running on our target. Let’s choose a service to target. For this example we’ll select MySQL.

10. Metasploit has multiple MySQL exploits.

a.Type: search mysql

b. Paste your screenshot here:-

11. Type: use auxiliary/scanner/mysql/mysql_login

12. Type: info

13. Type: set rhosts x.x.x.x (substitute x.x.x.x for the ip address of your REMOTE host)

14. Type: set username root

15. Type: set stop_on_success true

16. Let’s confirm the changes you made took. Type: info

17. a. Paste your screenshot here:-

18. Type: exploit

a. Paste your screenshot here:-

You determined the username root has no password. Congratulations. Let’s test our access to the MySQL database.

19. Open a new shell by clicking on the black box to the right of the word “Places”.

20. Type: mysql –h x.x.x.x –u root (substitute x.x.x.x for the ip address of your REMOTE host)

a. Paste your screenshot here:-

21. Type: show databases;

a. Paste your screenshot here:-

22. Let’s pick a database and explore it. Type: use dvwa;

a. Paste your screenshot here:-

23. Now that we’ve picked a database let’s view the tables. Type: show tables;

a. Paste your screenshot here:-

24. Let’s see what data is being held in this table. Type: show columns from users;

a. Paste your screenshot here:-

25. Columns of interest are “user” and “password”. Type: select user, password from users;

a. Paste your screenshot here:-

26. You’ve successfully scanned for a database technology, found a vulnerable database service running on a target’s port, located the appropriate exploit for use and ran it. Now try exploiting a different database vulnerability, such as Postgresql.

Congratulations, you’ve used a Metasploit module to attack a database. You’ve accessed a database, enumerated the tables, identified fields of interest, and inspected their contents.

Metasploit Reconnaissance Lab

Class: SEC6070

Name:

Date:

In this lab we will be doing information gathering with regards to email addresses within the Wilmu.edu domain

1. Open VMware and launch the Kali VM and login as root with your password wilmuabc.

2. Open a shell by clicking on the little black box located at the top left of the desktop.

3. Type: msfconsole

We'll start by performing reconnaissance of a potential target.

We'll run an email reconnaissance module against wilmu.edu for demonstration purposes.

4. Type: use auxiliary/gather/search_email_collector

5. Type: set DOMAIN wilmu.edu

6. Type: set OUTFILE /tmp/results.txt

7 Type: info

a. Paste your screenshot here:-

8. What search engines is search_email_collector using?

a. Paste your screenshot here:-

9. Type: show advanced

a. Paste your screenshot here:-

10. Why might you use a proxy when running search_email_collector?

ANSWER:

10. Type: run

a. Paste your screenshot here:-

11. Your results were already printed to the screen but what if you move on to another pen testing activity?

a. Type: cat /tmp/results.txt

b. Paste your screenshot here:-

As you can see, your results have been recorded to a text file for later referencing.

12. Type: ls /usr/share/metasploit-framework/modules/auxiliary/gather

a. Paste your screenshot here:-

13. What other interesting information gather tools are there?

a. List one of the tools you are interested in and why.

ANSWER:

Now that we know a little bit more about wilmu.edu we'll run a DNS reconnaissance module against wilmu.edu.

14. Type: back

15. Type: use auxiliary/gather/enum_dns

16. Type: info

a. Paste your screenshot here:-

17. Look at the options that are set to true by default. enum_dns will try a zone transfer using ENUM_AXFR. enum_dns will also search for common srv records such as such as ftp, http, smtp, ldap, etc, using ENUM_SRV. ENUM_STD is also set to be used by default. It will search for standard DNS records such as start of authorities (SOAs), name server records (NSs), and A records (aka hosts). As you can see, enum_dns is more powerful and aggressive than dns_info.

18. Type: show options

a. Paste your screenshot here:-

19. Type: show advanced

a. Paste your screenshot here:-

b . What options would you use if you had a strategy, such as a low and slow attack that won't get you noticed?

ANSWER:

20. Type: set DOMAIN wilmu.edu

21. Type: run

a. Paste your screenshot here:-

22. What information was retrieved?

ANSWER:

23. Let's explore more enum_dns options.

a. Type: set ENUM_TLD true

24. Type: run (This could take quite awhile to complete.)

a. Paste your screenshot here:-

b. How many TLDs does enum_dns search?

ANSWER:

Be careful when using this option. You might find spoofed sites that have been set up to look like the original and then get hit with exploits suites like the Black Hole Exploit Kit.

25. Type: show options

a. Paste your screenshot here:-

b. What does ENUM_RVL do?

ANSWER:

26. What does ENUM_BRT do?

ANSWER:

a. Type: ls /usr/share/wordlists

b. Paste your screenshot here:-

These are not files you would want to cat or gedit. They are enormous wordlists used by Metasploit for various brute forcing purposes.

We've done some basic but effective reconnaissance using Metasploit. We've discovered email addresses and servers belonging to Wilmington University. There are many reconnaissance tools available to you such as Maltego. Maltego is a highly effective reconnaissance tool that also searches social network sites.

Once completed please upload this worksheet to Blackboard by the link provided for grading

Metasploit Scanning Lab

Class: SEC6070

Name:

Date:

1. If your VMs aren't already running then open VMware and launch the Kali VM and login as root with your password wilmuabc.

2. Open a shell by clicking on the little black box located at the top left of the desktop, to the right of the word "Places".

3. Type: msfconsole

4. Open another instance of VMware Player and launch the Metasploitable VM.

5. At the user logon prompt type: msfadmin

6. At the password prompt type: msfadmin

7. Type: ifconfig

a. Paste your screenshot here:-

b. This IP address becomes your RHOST (Remote Host)

8. Record the Metasploitable VM IP address here:

Metasploit has numerous scanners located in various places. Let's become familiar with how to find and identify the scanners we need. Not all scanners are built alike. Some are very limited but very good at what they do while others are broader in functionality and applicable in many instances.

Switch to you Kali VM and type "back" if you currently have a module loaded from a previous lab.

9. Repeat step 2 and open an additional shell and type:

ls /usr/share/metasploitframework/modules/auxiliary/scanner/portscan

10. These are just a few of the built in port scanners Metasploit has to offer.

a. What port scanners are available?

b. Paste your screenshot here:-

11. Lets pick one and list the options and advanced options.

a. Switch to your Kali VM and type: use auxiliary/scanner/portscan/xmas

b. Type: show options

c. Paste your screenshot here:-

d. Type: show advanced

a. Paste your screenshot here:-

12. Type: back

13. Switch to the other shell (Not Metasploit.) and type:

ls /usr/share/metasploit-framework/modules/auxiliary/scanner/discovery

a. Paste your screenshot here:-

14. Notice we have more discovery tools.

a. List a tool and what it does.

b. Paste your screenshot here:-

15. Switch back to your other shell and type: use auxiliary/scanner/discovery/arp_sweep

a. Type: show options

b. Paste your screenshot here:-

c. Type: show advanced

d. Paste your screenshot here:-

16. Let's search for more scanners.

a. Type: search type:auxiliary scanner

If you have trouble reading the output make sure your shell is maximized as well as your instance of VMware.

b. Paste your screenshot here:-

17. What scanner may I use to brute force Outlook Web Access logins?

a. Type: search type:auxiliary outlook

b. Who wrote the module? Type: info

c. Paste your screenshot here:-

d. Type: info auxiliary/scanner/http/owa_login

e. Paste your screenshot here:-

18. What is the pcanywhere_login module good for?

a. Type: search type:auxiliary pcanywhere_login

b. Paste your screenshot here:-

c. Type: info auxiliary/scanner/pcanywhere/pcanywhere_login

d. Paste your screenshot here:-

Now let's learn how to use the "info" command to gather information about modules.

19. Type: info auxiliary/scanner/mssql/mssql_ping

a. What does this module do?

b. Paste your screenshot here:-

Now let's look at everyone's favorite scanner Nmap. Nmap is a tool every pen tester, system administrator, network administrator, etc, should be familiar with.

*If you currently have a module loaded type: back

20. Type "nmap". Notice the exhaustive output. The switch syntax is given along with a description of the command.

21. Type: nmap -sT x.x.x.x (x.x.x.x. is the IP address of the Metasploitable VM.)

a. What were some of your findings?

b. Paste your screenshot here:-

Now that we've used Nmap to find and scan a host let's see if we can connect.

22. At the msf console type: connect help

a. Paste your screenshot here:-

View the options.

23. To verify a port is open on your target and you can connect to it type "connect -z x.x.x.x 21"

This will connect you to the FTP port on your target system, if the FTP service is running.

a. Go ahead and see if you are able to connect to the target using the above command. What are the results.

b. Paste your screenshot here:-

24. Now that you know the FTP port is open you can search for exploits.

a. Type: search platform:linux type:exploit ftp

b. Paste your screenshot here:-

c. List two exploits.

d. Paste your screenshot here:-

We've explored scanning with Metasploit by searching for multiple scanner modules, loading them, and exploring their functions. We also used an industry favorite, Nmap, to target our victim VM. We connected to an open port to confirm connectivity and then looked up available exploits in the Metasploit database. In the labs ahead we'll be using the information we've gathered to continue looking up exploits and leveraging them against vulnerabilities.

Armitage Lab

Class: SEC6070

Name:

Date:

1. Open VMware and launch the Kali VM and login as root with your password wilmuabc.

2. Open a shell by clicking on the little black box located at the top left of the desktop, to the right of the word "Places".

3. DO NOT LAUNCH METASPLOIT

4. Type: service postgresql start

5. Type: msfdb init

a. Paste your screenshot here:-

6. Launch your Metasploitable VM.

7. At the user logon prompt type: msfadmin

8. At the password prompt type: msfadmin

9. Type: ifconfig

10. Record the IP address here:

a. Paste your screenshot here:-

THIS IS THE IP ADDRESS FOR RHOST (REMOTE HOST) - METASPLOITABLE

Armitage is described as a "cyber attack management tool". Armitage is a GUI for Metasploit. It does not replace Metasploit but it does provide a way to visualize your targets. It also makes the use of Metasploit collaborative by being able to support more than one user at the same time. Armitage has other features such as suggestions. While Armitage is heavily integrated with Metasploit it does not entirely replace the command line so the command line is still available from within the GUI. We will explore the use of Armitage in this lab to gain a better understanding of its capabilities as a penetration testing tool.

11. Using the shell you already have open in your Kali VM type: armitage

12. Click "Connect" at the first prompt and then "Yes" to start the service that connects to the Metasploit database. (Accept the defaults. Do not change the IP address from 127.0.0.1.)

a. Paste your screenshot here:-

13. Click "Hosts-Add Hosts" and enter the IP of your Metasploitable VM.

a. Paste your screenshot here:-

Homework is Completed By:

Writer Writer Name Amount Client Comments & Rating
Instant Homework Helper

ONLINE

Instant Homework Helper

$36

She helped me in last minute in a very reasonable price. She is a lifesaver, I got A+ grade in my homework, I will surely hire her again for my next assignments, Thumbs Up!

Order & Get This Solution Within 3 Hours in $25/Page

Custom Original Solution And Get A+ Grades

  • 100% Plagiarism Free
  • Proper APA/MLA/Harvard Referencing
  • Delivery in 3 Hours After Placing Order
  • Free Turnitin Report
  • Unlimited Revisions
  • Privacy Guaranteed

Order & Get This Solution Within 6 Hours in $20/Page

Custom Original Solution And Get A+ Grades

  • 100% Plagiarism Free
  • Proper APA/MLA/Harvard Referencing
  • Delivery in 6 Hours After Placing Order
  • Free Turnitin Report
  • Unlimited Revisions
  • Privacy Guaranteed

Order & Get This Solution Within 12 Hours in $15/Page

Custom Original Solution And Get A+ Grades

  • 100% Plagiarism Free
  • Proper APA/MLA/Harvard Referencing
  • Delivery in 12 Hours After Placing Order
  • Free Turnitin Report
  • Unlimited Revisions
  • Privacy Guaranteed

6 writers have sent their proposals to do this homework:

Quality Homework Helper
Solutions Store
Engineering Help
Premium Solutions
Isabella K.
Peter O.
Writer Writer Name Offer Chat
Quality Homework Helper

ONLINE

Quality Homework Helper

I have read your project details and I can provide you QUALITY WORK within your given timeline and budget.

$41 Chat With Writer
Solutions Store

ONLINE

Solutions Store

I will be delighted to work on your project. As an experienced writer, I can provide you top quality, well researched, concise and error-free work within your provided deadline at very reasonable prices.

$45 Chat With Writer
Engineering Help

ONLINE

Engineering Help

I find your project quite stimulating and related to my profession. I can surely contribute you with your project.

$45 Chat With Writer
Premium Solutions

ONLINE

Premium Solutions

Being a Ph.D. in the Business field, I have been doing academic writing for the past 7 years and have a good command over writing research papers, essay, dissertations and all kinds of academic writing and proofreading.

$39 Chat With Writer
Isabella K.

ONLINE

Isabella K.

I can assist you in plagiarism free writing as I have already done several related projects of writing. I have a master qualification with 5 years’ experience in; Essay Writing, Case Study Writing, Report Writing.

$29 Chat With Writer
Peter O.

ONLINE

Peter O.

I have assisted scholars, business persons, startups, entrepreneurs, marketers, managers etc in their, pitches, presentations, market research, business plans etc.

$27 Chat With Writer

Let our expert academic writers to help you in achieving a+ grades in your homework, assignment, quiz or exam.

Similar Homework Questions

Groundwork of the metaphysics of morals mary gregor pdf - Cisco network proposal part 1 - Multifactor leadership questionnaire rater form - Panasonic kx tda100 specifications - TEST 090820 - Foundations of multinational financial management pdf - Green hoousing - Two quality control technicians measure the surface finish - As 2601 2001 the demolition of structures - EH Week9 DB - Murdocks 4 functions of the family - Aicpa due care - I write 900 words Essay on “how old do you think prince hamlet should be? - It project that had problems due to organizational issues - Antacid analysis lab report - Allen is a critique of utilitarianism - Pied piper costume diy - Ritz carlton target market - Rationale for impaired physical mobility - Working at heights swms - Contribution margin per unit - Dealing with traffic jams in london - Assignment: Academic Success and Professional Development Plan Part 5: Professional Development - Video literacy narrative - Naked statistics sparknotes - Isaac moonzwe - Social Media Discussion: Healthcare Policies and Population Health - Assignment 2 the gig economy - Solve this if you are a genius 5 3 28 - Becoming a master student 16th edition chapter 8 quiz answers - Graph theory homework - The choice between developing versus purchasing software often is called a ____ decision. - Quality control case study - Dr ninan chacko vellore - Lab report example chemistry pdf - Gateshead fed racing pigeons - Sir george cayley facts - Ccl2br2 polar or nonpolar - Artificial Intelligence - John wooden pyramid of success - ASSIGNMENT 1: Competency in Microsoft Excel - Year 1 ict curriculum - Discussion 2.1 - Liquid eco-flo gypsum bunnings - Exploring language 13th edition pdf - Bp oil spill pr case study - Essentials of business law 6th edition pdf - Calibration of burette experiment - Math homework help linear equations - Mcdonalds statement of cash flows - How the irish saved civilization sparknotes - Athlean x xero program pdf - Laminex kitchen colour combinations - Who changed my cheese - 8.1 puzzle time how do chickens grow strong answers - Whats the average phone bill - Discussion - WP3 - Brisbane city council planning scheme mapping - Pedigree analysis answer key - Hot shots tennis t-shirt - What happened to erutan - Small Group Communication - Discussion question in-cite text - Discussion Board - Vic uni st albans campus map - Zoot suit 1981 latino gangster movies - Real and complex analysis solutions pdf - Rama's initiation from the ramayana summary - Pass the prize game - The rime of the ancient mariner worksheet answers - Fundamentals of organizational communication shockley zalabak pdf - Bornavirus in birds symptoms - Pots n pans a king & j mattheus - Minehead middle school uniform - New office fit out checklist - Into the woods waapa - Molecular models of neutral molecules - Toilet cubicle size australian standards - Project proposal - Enterprise Risk Management - What does sol mean in spanish - Keith rn case study answers - Agape perfecting praise and worship center - Group Observation - Sales tax office chennai address - Electricity bill payable journal entry - Vcaa specialist maths formula sheet - The number of cars sold at a certain dealership - Deeper meaning behind playing cards - Folding screen with indian wedding and flying pole - Pregnancy - Gagne model of learning - Atlas god roman name - Strong/* lOve marriAge speCialist +91-9924492424 Baba Ji - Ethics - S. dakota pastor bill guthrie - White tailed deer symbiotic relationships - The politics of public budgeting 9th edition pdf - A raisin in the sun act 2 scene 2 script