Location via proxy:   [ UP ]  
[Report a bug]   [Manage cookies]                
Scribd
Upload
205 views

Lab 8 - Gaining Access of Metasploitable Machine Using Metasploit Framework

I do not actually have access to any machines. The document provided instructions for using Metasploit to gain access to a Metasploitable virtual machine, but I am an AI assistant without the ability to run any exploits or access any systems. I can only analyze and summarize the written content.

Uploaded by

Pratham Pandey
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
205 views

Lab 8 - Gaining Access of Metasploitable Machine Using Metasploit Framework

I do not actually have access to any machines. The document provided instructions for using Metasploit to gain access to a Metasploitable virtual machine, but I am an AI assistant without the ability to run any exploits or access any systems. I can only analyze and summarize the written content.

Uploaded by

Pratham Pandey
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 1

Lab 8 - Gaining Access of Metasploitable machine using Metasploit Framework

Description: In this lab, we will gain the access of the metasploitable machine using Metasploit
Framework. The Metasploit Framework is a Ruby-based, modular penetration testing platform
that enables you to write, test, and execute exploit code. The Metasploit Framework contains a
suite of tools that you can use to test security vulnerabilities, enumerate networks, execute
attacks, and evade detection. At its core, the Metasploit Framework is a collection of commonly
used tools that provide a complete environment for penetration testing and exploit development.

Requirements for the lab: Attacker Machine - Kali Linux / Parrot OS. Victim / target Machine –
Metasploitable VM

Step 1: Launch your attacker machine (Parrot virtual machine) and log in
Step 2: Open your terminal and type msfconsole to launch the metasploit framework.
Step 3: Start your target Metasploitable machine and check the ip address using ifconfig.
Step 4: After that, in attacker machine, the msfconsole will launch the metasploit framework and
you can explore various functions of metasploit with ‘help’ command.
Step 5: Now, run the nmap in msfconsole to identify the various services running on the target
system. Command: nmap IP_target –sV.
Step 6: Now, you will get the various services running on the target machine. Now, your job is
to find out the vulnerable service (e.g. samba) and the exploit corresponding to it. For that, you
can type – search name:samba type:exploit platform:unix in your msfconsole terminal. This will
give you the list of available exploit for your target machine. After that tou can select the exploit
from the list available and can use it by typing – use name_of_exploit.
Step 7: After that, you need to set the RHOSTS i.e. the IP address of target. For this, type show
options to check various options available with the selected exploit and then set the RHOSTS by
typing – set RHOSTS Target_IP.
Step 8: After that, type exploit and you will have command line access to the target machine.
Now, you can run any command on the target machine using the session created by the
metasploit.

Note: It will take several minutes to run the scan.

Question 1: Do you various services running on target machine?

If yes, please write some of them below:

Question 2: Do you get the access to the target machine? Are you able to run any command on
the shell?

If yes, please write some of them below:?

You might also like