Objective:
To gain access to a system using ethical hacking techniques and tools
provided in Kali Linux, with evidence captured as screenshots.
Steps and Execution:
Part 1: Setup
1. Initialize Services:
a. Metasploit depends on the PostgreSQL database to store and
retrieve information about exploits and vulnerabilities efficiently.
Start the database service using the following command:
sudo systemctl enable --now postgresql
This command ensures that the service starts immediately and also enables
it to start automatically on every boot.
b. If this is the first time running Metasploit, initialize its database
by executing:
sudo msfdb init
This step sets up the necessary database structure and connects Metasploit
to PostgreSQL.
When you check the PostgreSQL service status, "active (running)" indicates
that the service is correctly set up.
2. Launch Metasploit Console:
a. Start the Metasploit console by typing:
msfconsole
Allow a few moments for the console to initialize fully. You should see the
Metasploit banner followed by a command prompt (msf>).
b. Screenshot:
Part 2: Exploitation with Metasploit
1. Search for Exploits:
a. Use the search command to find exploits targeting specific
vulnerabilities, systems, or software versions. For example:
search cve:2015 type:exploit platform:Windows
This command restricts the results to exploit modules for the Windows
platform that reference CVE (Common Vulnerabilities and Exposures) IDs
from 2015. The output lists all matching exploits, including their paths
and descriptions.
b. Carefully review the list to choose an exploit suitable for the
target system. Take note of its full path.
2. Load and Configure the Exploit:
a. Load the exploit module using its path from the search results:
use exploit/windows/local/ntapphelpcachecontrol
After loading, the prompt changes to indicate the active module (e.g., msf
exploit(ntapphelpcachecontrol) >).
Screenshot:
b. Display configurable options using:
show options
This shows parameters like RHOST (target IP address) and RPORT (target port
number) required by the exploit.
c. Set the necessary parameters:
set RHOST [Target IP]
set RPORT [Target Port]
Replace [Target IP] and [Target Port] with the actual IP address and
port of the target machine.
Screenshot:
3. Execute the Exploit:
a. Launch the exploit:
exploit
Screenshot:
Part 3: Brute Force MySQL
1. Prepare Username and Password Files:
a. Create two text files:
i. users.txt: A list of potential usernames.
ii. passwords.txt: A list of potential passwords.
b. Populate these files with realistic data. For example:
users.txt:
admin
root
user1
passwords.txt:
password
admin123
root@123
c. Alternatively, download sample wordlists from reliable online
sources for better results.
2. Run Auxiliary Module for Brute Force:
a. Load the MySQL login scanner module:
use auxiliary/scanner/mysql/mysql_login
b. Check the module’s configurable options:
show options
c. Set the required parameters:
set user_file users.txt
set pass_file passwords.txt
set RHOST [Target IP]
set RPORT 3306
d. Execute the module:
run
Monitor the output for any valid username-password combinations.
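Seen from the defending side, each failed attempt from Part 3 leaves an "Access denied for user" entry in the MySQL error log, assuming the server is configured to log failed connections. The Python below is an added example, not part of the original lab: the log lines are constructed samples modelled on that log format, and the function name, threshold and window values are assumptions chosen for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample lines modelled on MySQL error-log "Access denied" entries.
SAMPLE_LOG = """\
2024-05-01T10:15:30.100000Z 11 [Note] Access denied for user 'admin'@'192.168.56.10' (using password: YES)
2024-05-01T10:15:30.400000Z 12 [Note] Access denied for user 'admin'@'192.168.56.10' (using password: YES)
2024-05-01T10:15:31.000000Z 13 [Note] Access denied for user 'root'@'192.168.56.10' (using password: YES)
2024-05-01T10:15:31.300000Z 14 [Note] Access denied for user 'root'@'192.168.56.10' (using password: YES)
2024-05-01T10:15:32.000000Z 15 [Note] Access denied for user 'user1'@'192.168.56.10' (using password: YES)
2024-05-01T10:15:32.200000Z 16 [Note] Access denied for user 'user1'@'192.168.56.10' (using password: YES)
2024-05-01T10:20:00.000000Z 17 [Note] Access denied for user 'app'@'10.0.0.5' (using password: YES)
2024-05-01T10:21:00.000000Z 0 [Note] Event Scheduler: Loaded 0 events
"""

DENIED = re.compile(
    r"^(?P<ts>\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2})\S*\s.*"
    r"Access denied for user '(?P<user>[^']*)'@'(?P<host>[^']*)'"
)

def find_bruteforce(log_text, threshold=5, window_seconds=60):
    """Return {source_host: sorted usernames tried} for every host that
    produced `threshold` or more failed logins inside one sliding window."""
    window = timedelta(seconds=window_seconds)
    recent = defaultdict(deque)   # host -> timestamps of failures still in window
    users = defaultdict(set)      # host -> every username it attempted
    flagged = {}
    for line in log_text.splitlines():
        m = DENIED.search(line)
        if not m:
            continue              # unrelated log messages
        ts = datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%S")
        host = m["host"]
        users[host].add(m["user"])
        q = recent[host]
        q.append(ts)
        while ts - q[0] > window: # drop failures older than the window
            q.popleft()
        if len(q) >= threshold:
            flagged[host] = users[host]
    return {h: sorted(u) for h, u in flagged.items()}

if __name__ == "__main__":
    for host, tried in find_bruteforce(SAMPLE_LOG).items():
        print(f"possible brute force from {host}: users tried {tried}")
```

A single mistyped password, such as the 10.0.0.5 entry, stays below the threshold, while the burst of failures across several usernames from one source is reported.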
Part 4: Auxiliary and DoS Modules
1. Identify Auxiliary Modules:
a. Search for auxiliary modules for vulnerability scanning or
denial-of-service attacks:
search type:auxiliary scanner
b. Review the search results to find a module relevant to your task.
2. Run a Denial-of-Service Module:
a. Load the selected module:
use auxiliary/dos/example_module
b. Configure the target parameters:
set RHOST [Target IP]
c. Execute the module:
run
Observe the results to determine the success of the attack.
Screenshot:
Part 5: Using Armitage
1. Launch Armitage:
a. Open Armitage, the graphical front end for Metasploit, from the Kali
Linux menu under "Exploitation Tools."
b. Connect to the Metasploit framework by following the on-screen
prompts.
2. Perform Exploits and Scans:
a. Replicate steps from Parts 2 and 3 using the graphical interface
of Armitage.
b. Use the visual representation to plan and execute attacks more
intuitively.
3. Save Evidence:
a. Capture screenshots of each step performed in Armitage,
showing both the process and outcomes.
b. Screenshot:
Conclusion:
This lab provided comprehensive hands-on experience in ethical hacking.
Using tools like Metasploit and Armitage, it demonstrated how to identify
vulnerabilities, exploit systems, and test security measures. The practical
application of these techniques enhances understanding of penetration
testing workflows and methodologies.