This week we are going to install another vulnerable machine called “Metasploitable 2” that serves much the same purpose.
As with previous assignments you should create a text file that you will use to document your work. You will be submitting this file to Canvas when the assignment is complete.
sudo apt update
sudo apt upgrade
Once it has been configured properly you should start it up and verify you can log in using the default credentials. While there you should issue a command to reveal its IP number. In your text file record this number (along with a description of what machine it maps to). (2 pts)
ms2
db_nmap
to find all open ports, get version information for them, and save the results. (Paste the command you used into your text document).
use auxiliary/scanner/smb/smb_version
and then type: options
to see what variables must be set.
set RHOSTS ms2ip
(here and throughout these instructions ms2ip refers to the IP number of your Metasploitable2 box).
Then type run to run this scanner. Paste in the results of the scan.
use auxiliary/scanner/smb/
and then press the TAB key a couple of times. This will list the available tools Metasploit offers. Paste the list into your text document.
smb_ms17_010 looks like a code for a known possible issue. Do an internet search for ms17_010 and look at Microsoft's report on this issue. According to that report what can happen if this issue is left unpatched?
smb_ms17_010 tool and run it. According to Metasploit is Metasploitable2 vulnerable to this attack?
auxiliary/scanner/mysql/mysql_version tool to determine the precise version information running on MS2. Paste in the results of this.
Passwords folder and then on the Default-Credentials folder.
Then download manually (you can copy/paste if you want) the contents of: mysql-betterdefaultpasslist.txt. You can put this downloaded file in your Documents folder in Kali. Paste in this list of default passwords associated with MySQL.
auxiliary/scanner/mysql/mysql_login tool. Inspect the options for its usage. Then enter the following values:
set RHOSTS ms2ip
set BLANK_PASSWORDS true
set USERPASS_FILE Documents/mysql-betterdefaultpasslist.txt
NOTE: If you have read the description of the USERPASS_FILE variable you'll see that it wants users and passwords separated by a space. So, you'll need to edit the password list accordingly (because it is separated by colons).
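One way to do the conversion the NOTE above calls for, as an added example that is not part of the original assignment. It assumes one user:password pair per line; the function name convert_userpass, the script name and the sample entries are made up for illustration.

```python
"""Convert a colon-separated credential list to "user password" lines.

Hypothetical usage: python3 convert_userpass.py input.txt output.txt
"""
import sys


def convert_userpass(lines):
    """Return (converted, rejected) for an iterable of 'user:password' lines.

    converted: 'user password' strings, original order, duplicates dropped.
    rejected:  (line_number, text, reason) for lines that cannot be written
               unambiguously in a space-separated file.
    """
    converted, rejected, seen = [], [], set()
    for number, raw in enumerate(lines, start=1):
        text = raw.rstrip("\r\n")
        if not text.strip():
            continue  # skip blank lines
        if ":" not in text:
            rejected.append((number, text, "no colon separator"))
            continue
        # Split on the FIRST colon only: a password may itself contain ':'.
        user, password = text.split(":", 1)
        if not user:
            rejected.append((number, text, "empty username"))
            continue
        if any(ch.isspace() for ch in user + password):
            # A space inside either field would be read as the separator.
            rejected.append((number, text, "whitespace inside a field"))
            continue
        # An empty password becomes "user " (the separator is kept as-is).
        entry = f"{user} {password}"
        if entry not in seen:
            seen.add(entry)
            converted.append(entry)
    return converted, rejected


if __name__ == "__main__":
    if len(sys.argv) == 3:
        with open(sys.argv[1], encoding="utf-8", errors="replace") as src:
            good, bad = convert_userpass(src)
        with open(sys.argv[2], "w", encoding="utf-8") as dst:
            dst.write("\n".join(good) + "\n")
    else:
        # Constructed sample entries, not the contents of the real list.
        good, bad = convert_userpass(["alice:wonder", "bob:a:b", "dave smith:x"])
    for number, text, reason in bad:
        print(f"line {number} skipped ({reason}): {text!r}", file=sys.stderr)
    print(f"{len(good)} entries converted")
```

Lines reported as skipped need a manual look before the list is used, since a plain search-and-replace of colons would have silently changed them.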
Now run the tool. According to the results did any of the attempted username/password combinations succeed? If so which ones?
auxiliary/scanner/http/crawler tool to get a list of URLs that are being served at the site. NOTE: When I use this tool it works for a bit and then crashes.
Go ahead and use the tool and copy/paste the output (prior to the error messages) into your text file.
In a browser visit the Twiki home page on the MS2 webserver you just enumerated. Click the “get started” link and then paste the description given for Twiki into your homework text document.
Upon completion of this assignment, upload your text document into Canvas.