Metasploit assignment Tools used Metasploit on Kali Metasploitable – intentional vulnerable Ubuntu package NMAP – used to get IP address Nessus – scanned for vulnerabilities Result Found many vulnerabilities Successfully exploited one that interested me Ahmed Alkaysi
Reconnaissance NMAP Nessus Used NMAP within Metasploit to look for target machine Scanned with ‘-O’ arg to get OS info on a range of LAN IP addresses Successfully got the IP address of VM running Metasploitable, along with its running services Nessus Decided to use Nessus for vulnerability scans Launched Nessus outside of Metasploit Scanned target machine using basic scanner Exported results into ‘.nessus’ file Ahmed Alkaysi
Exploitation Loading ‘.nessus’ file Exploiting the vulnerabilities Many Vulnerabilities! Loading ‘.nessus’ file Used ‘db_import’ in Metasploit to load the file exported from Nessus Typed ‘vulns’ to look at a list of vulnerabilities from the file Exploiting the vulnerabilities Found one sounding interesting: ‘Smiley Face Backdoor’ Used associated OSVDB ID: ‘73573’ in ‘search’ command to look for any modules specifically for that ID Found an exploit module in Metasploit Running the Exploit Started attack by entering ‘use’ + *returned module from search*, set ‘RHOST’ to target’s IP Run ‘exploit’ Was able to gain root access to target’s shell Success!! Ahmed Alkaysi