sudo apt update sudo apt install metasploit-framework sudo apt upgrade
Read the first page at https://www.offensive-security.com/metasploit-unleashed/Msfconsole/
Then click to the next page and skim the various commands and what they do.
If you haven't done so already, watch this video:
helpand then scroll up to read the list of core commands and their descriptions.
lsand observe the output (which should be a list of files in the same directory from which you launched the msfconsole command. NOTE: The ls command is NOT a metasploit command. The msfconsole program will send unrecognized commands to the shell from which it was launched which conveniently allows you to perform a variety of tasks from within msfconsole!
To perform initial setup for the database do these commands which will start the database, instruct Kali to start then database when it boots up again in the future:
sudo systemctl start postgresql.service
sudo systemctl enable postgresql.service
sudo msfdb init
db_status(Should say “Connected to msf.”)
Spend a moment to read the list of database commands available in msfconsole. We'll be especially intereted in the workspace command.
Create (on you local computer ... i.e., NOT in Kali) a text document named hw4.txt and record the commands you enter to accomplish the tasks below as well as your answers to questions in the instructions below. Then do these commands from your msfconsole:
db_nmap -sS -sV -O -PN -p- MS3WIP --privileged
NOTE: You can press enter at the msfconsole to get a report for how much progress has been made on the command. This command will take quite some time to complete. How long did it take for this command to complete? (1 pts)
servicescommand to see a list of ports discovered by
db_nmapin the previous step. How long did it take for this command to complete? (1 pts)
db_nmapcommand on the MS3L machine using the same options as above except with these two changes:
-T2option to the command so that the command runs in a more stealthy mode.
Write down the full command that you typed to accomplish this action.
servicescommand to view the MS3L services and detected versions. Then switch back to the
ms3wworkspace before continuing.
services -h command to see options for services. What do
-S switches accomplish in this command? (2 pts)
Then paste into your text document the output of the
command with the switches applied.
vulns -hcommand to learn about it. What does the
vulnscommand to report all vulnerabilities associated with the port typically used with the SSH protocol. In your text document show the command you used and paste in the results of the output of the command. NOTE: We are expecting this to be blank because we haven't stored vulnerabilities in our local database yet (more on that in future homework).
Upon completion of this assignment, upload your text document to this Canvas assignment.