Exercise 6.1 Metasploit – Setting Up Metasploitable

  1. Downloaded and set up Metasploitable on Virtual Machine Manager
  2. To get the IP address of the Metasploitable VM, run the command ifconfig inside it

Exercise 6.2 Metasploit Introduction

  1. Starting up msfconsole

Exercise 6.3 Metasploit Basic Overview

Trying basic commands

  1. help: lists the msfconsole commands and explains how to use the tool

  2. banner: prints a different (randomly chosen) msfconsole banner

  3. show exploits: lists all available exploit modules

  4. To search for a group of exploits, use the command search followed by a keyword; it matches module names and descriptions.
    For example:

    msf6 > search mysql    (lists all modules related to mysql)
    msf6 > search ssh      (lists all modules related to ssh)
    msf6 > search login    (lists all modules related to login)

  5. To get the details of any exploit, use the command info followed by the module name, e.g. info exploit/windows/misc/ais_esel_server_rce

  6. To load any of the exploits, use the command use followed by the module name


Exercise 6.4 Metasploit Using Tool and Exploits

  1. Use some of the commands that help collect information about a server
    • whois : to get registration information about the website's domain
    • host : to get the IP address of the website
  2. First, port scan the vulnerable target machine to see its open ports and running services and get an understanding of the target

The scan reveals that host 192.168.122.30 is up and has multiple open TCP ports, suggesting a diverse set of services hosted on this machine. Key findings include:

  • Common Services: The machine has standard services such as FTP (port 21), SSH (port 22), HTTP (port 80), and SMTP (port 25) enabled, indicating basic server functionality.
  • Database Services: MySQL (port 3306) and PostgreSQL (port 5432) are open, suggesting the system is hosting or accessing databases.
  • File Sharing and Remote Access: Ports for NFS (2049), SMB (139, 445), and VNC (5900) are open, highlighting potential file-sharing and remote-access capabilities.
  • Potential Security Concerns: Telnet (port 23), the RPC portmapper (port 111), and the Java RMI Registry (port 1099) are open; these are legacy or frequently targeted services and pose a security risk.
  • Uncommon Ports: Ports such as 1524 (Ingreslock) and 6667 (IRC) are open, which could indicate either specific applications or possible legacy/unused services.
  • Web Applications: AJP13 (port 8009) and an unknown service on port 8180 suggest the presence of Java-based web applications or Apache Tomcat.
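The grouping above is easy to reproduce in code. The following script is an added example, not part of the lab write-up or of Metasploit: it parses a port scan in nmap's grepable (-oG) output format and groups the open TCP ports into the same categories the findings use, flagging the three services the write-up singles out as security concerns. The scan line is constructed from the ports and service names reported above (no version strings); the category table and the assumption that the scan was produced by nmap are both mine.

```python
"""Triage a port scan in nmap grepable (-oG) format.

Groups open TCP ports the way the lab write-up does and flags the
legacy/frequently targeted services it calls out as security concerns.
"""
import re
from collections import defaultdict

# Constructed sample in nmap -oG layout. Each entry is
# port/state/proto/owner/service/rpcinfo/version/ (empty fields allowed).
# Ports and service names are the ones reported for 192.168.122.30 above.
SAMPLE_GREPABLE = (
    "Host: 192.168.122.30 ()\tPorts: "
    "21/open/tcp//ftp///, 22/open/tcp//ssh///, 23/open/tcp//telnet///, "
    "25/open/tcp//smtp///, 80/open/tcp//http///, 111/open/tcp//rpcbind///, "
    "139/open/tcp//netbios-ssn///, 445/open/tcp//microsoft-ds///, "
    "1099/open/tcp//rmiregistry///, 1524/open/tcp//ingreslock///, "
    "2049/open/tcp//nfs///, 3306/open/tcp//mysql///, "
    "5432/open/tcp//postgresql///, 5900/open/tcp//vnc///, "
    "6667/open/tcp//irc///, 8009/open/tcp//ajp13///, "
    "8180/open/tcp//unknown///\tIgnored State: closed (983)"
)

# Category table mirroring the write-up's grouping of the findings (my choice).
CATEGORIES = {
    "common": {21, 22, 25, 80},
    "database": {3306, 5432},
    "file_sharing_remote_access": {139, 445, 2049, 5900},
    "security_concern": {23, 111, 1099},
    "uncommon": {1524, 6667},
    "web_application": {8009, 8180},
}

# One port entry: 7 slash-separated fields, none of which may contain '/'.
PORT_RE = re.compile(
    r"(\d+)/([^/]+)/(\w+)/([^/]*)/([^/]*)/([^/]*)/([^/]*)/"
)


def parse_grepable(text):
    """Return {host: [(port, state, proto, service, version), ...]}."""
    hosts = {}
    for line in text.splitlines():
        if not line.startswith("Host:"):
            continue
        host = line.split()[1]
        m = re.search(r"Ports: (.*?)(?:\t|$)", line)
        if not m:
            continue
        entries = []
        for p in PORT_RE.finditer(m.group(1)):
            port, state, proto, _owner, service, _rpc, version = p.groups()
            entries.append((int(port), state, proto, service, version))
        hosts[host] = entries
    return hosts


def triage(text):
    """Group each host's open TCP ports by category; unlisted ports go to 'other'."""
    report = {}
    for host, entries in parse_grepable(text).items():
        groups = defaultdict(list)
        for port, state, proto, service, _version in entries:
            if state != "open" or proto != "tcp":
                continue
            category = next(
                (name for name, ports in CATEGORIES.items() if port in ports),
                "other",
            )
            groups[category].append((port, service))
        report[host] = dict(groups)
    return report


if __name__ == "__main__":
    for host, groups in triage(SAMPLE_GREPABLE).items():
        print(host)
        for category, ports in groups.items():
            print(f"  {category}: {ports}")
```

Feeding a real scan file is a matter of reading its contents instead of SAMPLE_GREPABLE; every host line in the file gets its own report, and any open port that the category table does not know lands under "other" so it is not silently dropped.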
  3. Run the auxiliary/scanner/ssh/ssh_version module against the machine to fingerprint its SSH server version (it is an auxiliary scanner, not an exploit)
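What ssh_version reports is the server's identification string, sent in the clear at the start of every SSH connection. The following is an added example, not Metasploit's code or the write-up's: it parses that string per the RFC 4253 format SSH-protoversion-softwareversion [SP comments], grabs it from a live port (the same data the module collects), and flags the one thing a defender checking their own inventory most wants to see, a server still advertising SSH-1 compatibility. The sample banners are constructed and are not claimed to be what 192.168.122.30 returns.

```python
"""Parse and assess SSH identification strings (what ssh_version reports)."""
import re
import socket

# RFC 4253 section 4.2: "SSH-" protoversion "-" softwareversion [SP comments] CR LF
BANNER_RE = re.compile(r"^SSH-(\d+\.\d+)-(\S+)(?: (.*))?$")

# Constructed sample banners for offline use (not captured from the lab target).
SAMPLE_MODERN = "SSH-2.0-OpenSSH_8.9p1 Ubuntu-3\r\n"
SAMPLE_LEGACY = "SSH-1.99-OpenSSH_4.7p1 Debian-8ubuntu1\r\n"


def parse_ssh_banner(line):
    """Split an identification line into its parts; None if it is not one."""
    m = BANNER_RE.match(line.rstrip("\r\n"))
    if not m:
        return None
    proto, software, comments = m.groups()
    return {"protocol": proto, "software": software, "comments": comments or ""}


def assess(banner):
    """Return a list of findings a defender would act on for this banner."""
    findings = []
    if banner is None:
        return ["no SSH identification string found"]
    # 1.99 means the server will also negotiate SSH-1; anything but 2.0 is legacy.
    if banner["protocol"] != "2.0":
        findings.append(
            f"server advertises protocol {banner['protocol']}: SSH-1 negotiation possible"
        )
    if banner["comments"]:
        # Distribution comments leak patch level; harmless but worth knowing.
        findings.append(f"banner leaks platform details: {banner['comments']}")
    return findings


def grab_ssh_banner(host, port=22, timeout=5.0):
    """Connect to host:port and return the parsed server identification line.

    The server sends its line first, so nothing needs to be written. RFC 4253
    allows other lines before it, so read until one starts with "SSH-".
    """
    with socket.create_connection((host, port), timeout=timeout) as sock:
        reader = sock.makefile("rb")
        for _ in range(50):
            raw = reader.readline()
            if not raw:
                break
            line = raw.decode("utf-8", "replace")
            if line.startswith("SSH-"):
                return parse_ssh_banner(line)
    return None


if __name__ == "__main__":
    for sample in (SAMPLE_MODERN, SAMPLE_LEGACY):
        parsed = parse_ssh_banner(sample)
        print(sample.strip(), "->", parsed, assess(parsed))
```

To check a host you are responsible for, call grab_ssh_banner("<your host>") and pass the result to assess(); the offline part of the block works without any network access.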