Lab 2:exploitation using Metasploit | Mohammad, Al-Fawa’rehLab 2: Exploitation with Metasploit Aim: The aim of this lab is to develop and execute exploits against a remote machine and test its vulnerabilities using Metasploit. Quick tool introduction: Metasploit framework is an open source penetration tool used for developing and executing exploit code against a remote target machine. The framework has the world’s largest database of public and tested exploits. In simple words, Metasploit can be used to test the vulnerability of computer systems in order to protect them and on the other hand it can also be used to break into remote systems. It’s a powerful tool used for penetration testing. Activities: • Complete Lab 2:vulnerability analysis and penetration testing using Metasploit. Learning activities: At the end of this lab, you should understand: • How to develop, install and execute an exploit to make a target machine communicate back to the attacking machine using reverse shell. • How to develop an exploit which installs a VNC server connection on a target machine which can then be connected to. • How to develop, install and execute an exploit using Meterpreter. Lab Overview Our challenge is to setupa perimeter networkwith aKali VMand aWindows 7 VMas shown in (Figure 1). For this you will be allocated your own network (NAT network). Table 1 outlines your challenges and how you might achieve them.
Lab 2:exploitation using Metasploit | Mohammad, Al-Fawa’rehFigure 1:Lab architecture Table 1:Your challenges summary checklist ChallengeDescriptionHow will I do this?Completed? 1You should be able to develop, installand execute an exploit to make a target machine (Windows7 ) communicate back to the attacking machine (Kali Linux) using reverse shell Install reverse shell 2You should be able to develop, installand execute an exploit which remotely controls the target machine (from Kali to Windows7) Install VNC 3You should be able to develop, installand execute in-memory DLL injection stager extended over the network at runtime (from Kali-DMZ to Windows7 ) Install Meterpreter Setting up the network To run today’s lab successfully and be able tocomplete the challenges in Table 1, first you need to configure your network (Figure 1). This includes: setting up: IP address, network mask and default gateway on your hosts (Kali Linux, Windows7) To know your kali ip address open the terminal and run ifconfig as shown below
Lab 2:exploitation using Metasploit | Mohammad, Al-Fawa’rehFigure 2:Kali Linux IP To know your Windows 7 is address open the terminal and run ipconfig as shown below Figure 3: Win 7 IP address
Lab 2:exploitation using Metasploit | Mohammad, Al-Fawa’reh2.1 Reverse Shell A reverse shell is a type of shell in which the target machine communicates back to the attacking machine. The attacking machine has a listener port on which it receives the connection, which by using, code or command execution is achieved.
Want to read all 15 pages?
Previewing 5 of 15 pages Upload your study docs or become a member.
Want to read all 15 pages?
Previewing 5 of 15 pages Upload your study docs or become a member.
End of preview
Want to read all 15 pages? Upload your study docs or become a member.