METASPLOIT - EW



METASPLOIT

Abstract

In this paper we explore the Rapid7 Metasploitable tutorial.

Introduction

Using the Rapid7 tutorial—following a fair amount of trial and error—I was able to successfully exploit vulnerabilities in Metasploitable by following the Rapid7 tutorial (Rapid7, 2018).

Metasploitable

First, I needed to start Metasploitable, my target machine, and then run ifconfig to get the target machine’s IP address. The target IP address is displayed following inet addr: and is 192.168.56.101. This IP address will show up repeatedly in this paper, and confirms that I didn’t just grab images off the Internet.

Information Gathering

Using the target IP address and the nmap and rpcinfo commands in Kali Linux, my attacker machine, I was able to gather a good deal of information about Metasploitable. Metasploitable had a large number of open ports (shown below).

rpcinfo and rlogin

rpcinfo provides further information about the target system, by giving us the services that are running. This is where I started to run into difficulties. I was unable to run the rpcinfo command. The error message in Kali Linux didn’t give me much information about the problem, and nothing that I found on Google helped. It seemed that Linux couldn’t find rpcinfo or nfs, which rpcinfo seems to depend on. After a great deal of trial and error, I discovered that I needed to update Kali. But I couldn’t get access to the Internet. So I discovered that I needed a wireless adapter, and ordered one on Amazon. Once the device arrived—a couple days later—I configured the VirtualBox image to be compatible with it, which was not trivial either.

Once my attacker machine could access the Internet, I successfully ran apt-get update.
Then I ran apt-get install nfs-kernel-server, which installed the nfs and rpcbind libraries/dependencies that I needed to run rpcinfo, rlogin, and the mount command required to gain remote access via SSH (Banerjee, 2016). With Kali updated, and nfs-kernel-server installed, and after a week of trial and error, I was finally able to run rlogin and rpcinfo.

Gaining Remote Access

With information about the open ports and running services, it was time for my first major exploit: gaining remote access on the target machine via the open SSH port. First, I needed to generate a new public/private key pair with the ssh-keygen command. Then, I needed to mount the key pair on the remote system, but since the mount -t nfs command required nfs, I was at first unable to run it. (After successfully performing the updates and installs that I discuss above, however, the mount -t nfs command ran successfully.) Finally, I was able to gain remote access via SSH. I was also able to gain remote access with telnet.

Metasploit Exploits

So far, the exploits we’ve completed have used basic UNIX commands, but Metasploit has its own commands, and built-in exploits that we can leverage. Metasploit comes packaged with many exploit scripts that can be run simply by calling them. First, however, I needed to get Metasploitable running. I found a video tutorial on YouTube that showed me how to start the postgresql db that Metasploit depends on by typing service postgresql start and then initializing it with msfdb init and finally typing msfconsole to start Metasploit (Druin, 2016). Then I could run the exploits in the Rapid7 tutorial.

Vulnerable Websites

As the tutorial states, Metasploitable also contains vulnerable websites that allow us to practice web application penetration testing.
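Seen from the defender's side, the services this paper relied on for information gathering and remote access (rpcbind, NFS, rlogin, telnet) are the first ones to find and shut off. The following is an added example, not part of the original paper or the Rapid7 tutorial: it parses nmap grepable (-oG) output and reports those services when they are open. The sample scan text, the port numbers, the function names and the remediation wording are assumptions made for the example.

```python
import re

# rlogin and its sibling r-services, telnet, rpcbind and NFS, keyed by their
# usual port. Port numbers and remediation text are added here, not from the paper.
RISKY = {
    (23, "tcp"): ("telnet", "cleartext login; disable and use SSH"),
    (111, "tcp"): ("rpcbind", "enumerable with rpcinfo; firewall or disable"),
    (512, "tcp"): ("rexec", "r-service; disable"),
    (513, "tcp"): ("rlogin", "host-trust login; disable"),
    (514, "tcp"): ("rsh", "r-service; disable"),
    (2049, "tcp"): ("nfs", "review /etc/exports; never export / to everyone"),
}

# Constructed sample in nmap's grepable (-oG) format; not output from the paper.
SAMPLE_OG = (
    "# Nmap scan initiated (constructed sample)\n"
    "Host: 192.168.56.101 ()\tStatus: Up\n"
    "Host: 192.168.56.101 ()\tPorts: 22/open/tcp//ssh///, 23/open/tcp//telnet///, "
    "111/open/tcp//rpcbind///, 513/open/tcp//login///, 514/closed/tcp//shell///, "
    "2049/open/tcp//nfs///\tIgnored State: closed (990)\n"
)

def parse_open_ports(grepable):
    """Yield (host, port, proto) for every port whose state is 'open'."""
    for line in grepable.splitlines():
        m = re.match(r"Host: (\S+) .*?\tPorts: ([^\t]*)", line)
        if not m:
            continue  # comment lines and Status lines carry no port list
        host, ports = m.groups()
        for entry in ports.split(","):
            fields = entry.strip().split("/")
            # Entry layout: port/state/proto/owner/service/rpcinfo/version/
            if len(fields) >= 3 and fields[1] == "open" and fields[0].isdigit():
                yield host, int(fields[0]), fields[2]

def audit(grepable):
    """Return (host, port, name, action) for open ports listed in RISKY."""
    findings = []
    for host, port, proto in parse_open_ports(grepable):
        if (port, proto) in RISKY:
            name, action = RISKY[(port, proto)]
            findings.append((host, port, name, action))
    return sorted(findings, key=lambda f: f[1])

if __name__ == "__main__":
    for host, port, name, action in audit(SAMPLE_OG):
        print(f"{host}:{port}/tcp {name}: {action}")
```

Run against a scan of your own lab host, an empty result means none of these services answered as open on their usual ports.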
Other methods for compromising Metasploitable

There are methods for exploiting all of the open ports and services in Metasploitable—or any target machine for that matter. In this assignment we focused on gaining remote access which is, as the Rapid7 tutorial states, “the holy grail” for attackers (Rapid7, 2018). But since in the real world gaining remote access is a somewhat rare achievement, attackers must exploit other commonly open ports such as FTP (File Transfer Protocol, Port 21), SMTP (Simple Mail Transfer Protocol, Port 25), HTTP (Hypertext Transport Protocol) and HTTPS (HTTP over SSL), POP3 (Post Office Protocol version 3, Port 110), and Microsoft SQL Server ports (TCP port 1433 and UDP port 1434) (Beaver, 2017). If all ports are closed, attackers can still exploit an organization’s vulnerable web applications, or use social engineering to gain information that can get them into the network (e.g., credentials or IP addresses).

Conclusion

In conclusion, it took me a lot of time to configure the systems to complete the attacks/exploits in the tutorial, but in the end, I was able to successfully perform all of them.

Works Cited

Banerjee, A. (2016, August 18). Kali Linux Repository Issue Solve [ "E: Unable to locate package" error solved ] New 2016. Retrieved from Youtube:

Beaver, K. (2017). COMMONLY HACKED PORTS. Retrieved from :

Druin, J. (2016, November 24). How to Start the Metasploit Framework Console (msfconsole). Retrieved from YouTube:

Rapid7. (2018). Metasploitable 2 Exploitability Guide. Retrieved from Rapid7: