Task 2: System hacking using Metasploit Framework Bind Shell

You will use two VMs for this task (Kali as the attacker and Metasploitable as the target victim)

1. Target victim

a. With reference to the vulnerability assessment weve learned, what is VsFTP and is it vulnerable?

b. Log into your Metasploitable VM and note down its IP Address.

2. Starting Metasploit

a. Before you start Metasploit, you need to start the PostgreSQL database, which Metasploit will use to track of all activities and scans. Run the following command to start the database service, create and initialize the msf database, and launch msfconsole:

sudo service postgresql start

sudo msfdb init

sudo msfconsole

b. And now you should be at the prompt of Metasploit console as shown in the figure below. Note the number of exploits and payloads.

c. What is Metasploitable framework and explain how is it helpful for penetration testers?

d. What is PostgresSQL and what is it used for?

e. What is msfconsole?

f. How many exploits and payloads are offered by metasploitable framework?

g. What do exploit and payload mean and what are the differences between them?

3. Finding Metasploit modules

a. You can use the Metasploit built-in search function to find and match Metasploit modules to vulnerabilities by Common Vulnerabilities and Exposures (CVE) number, Microsoft Security Bulletin, or Open Sourced Vulnerability Database (OSVDB) ID.

b. Since we know the vulnerability we want to exploit, VSFTPD, use Metasploit search feature to find exploit module(s) for this vulnerability. Run the command below:

msf > search VSFTPD

c. Once youve identified a module to use, use the info command with the module name to list more information and details of the module. Run the command below:

msf > info moduleName

What is the name of the exploit module for VSFTP? What does this module do?

d. Now run the command below to tell Metasploit to use this module:

msf > use moduleName

this will move you into the context of the exploit module.

4. Setting module options

a. Once the exploit module has been identified and selected, you need to set the exploit options. Run the command below, to list the information you may need to provide to Metasploit to run the module:

show options

- Which IP address would you set RHOST to?

- What is the default value of RPORT? Do you need to change it? Why?

b. Now set the correct IP address for RHOST

set RHOST x.x.x.x

c. Run the command show options again to verify the value of RHOST is set correctly.

- Provide a screenshot.

5. Now execute the exploit module. Run the command below:

run

- Describe and explain the results.

- Provide a screenshot.

- What is bind shell?

6. Run a command at the shell prompt.

- Explain how this exploit works and Provide a screenshot of the output.

7. Abort the shell session using Ctrl-C to return to Metasploit console.

8. Now, search for another exploit MS08-067. Provide a screenshot of your result.

9. What does this exploit do, which operating system does it target, to which port it is connected, and how dangerous is it?