Chinmayks

Apr 5

3 min read

EXPLOITATION OF WINDOWS AND LINUX BASED OPERATING SYSTEM.

  1. Next step is to start the service of the metasploit. # service postgresql start.
  2. Next step is to open the metasploit by the command # msfconsole.

Next command is to search the vulnerabilities found by the nessus by the exploitation process.

Next command is to get the information about the payload.

The command is # info(copy paste the payload needed).

Next step is to use the payload to exploit the system the , command is #use(copy paste the payload).

After the use command we need to verify the payload, for that #show options , command is used.

Next we need to set the RHOSTS, which the RHOSTS means the victims ip addresses.

The command is #set RHOSTS (VICTIM IP ADDRESS).

To verify the changes have been made ,again the command #show options, is used.

In this , we can verify lhost and lport.

Next exploit command is used.

Meterpreter is opened and we can give the command as example.

The image saved by the screenshot command is,

To exit we use command #exit .

Now the below part is the attack towards Linux based machine.

  • We need ,

Attacker machine : Kali Linux.

Target machine : metasploitable(ip add: 192.168.73.19)

The steps involved in this attack is ,

->Find the IP address of target machine and make a note.
->Start the nmap port scanning to find the open ports.
->Now, use web browser to find the vulnerability with the version name which is visible when the port scanning is made.
->Collect the results from famous websites like rapid7.com, exploit-db.com, packetsteram.com,etc.
->Now, same procedure as the above attack.
->Find the vulnerability with the name SAMBA
->After finding it SET LHOST with victim IP address.

Commands to execute are,

# msfdbinit

# service postgresql start

# msfconsole

# search

#info

#use

#exploit.

After this we will use command #session -l and use basic Linux command to get the result.

(PART 4 LINK, OF THE REPORT HAS BEEN ATTACHED BELOW — https://medium.com/@chinmayks16/nmap-port-scanning-127d2fa3c502)

--

--

--

More from Chinmayks

Love podcasts or audiobooks? Learn on the go with our new app.

Try Knowable

Recommended from Medium

Karlotta Nealson

{UPDATE} Family House Hack Free Resources Generator

Vaibhav Atkale

Weird Email Verification Bypass

Futurembt

Horizontall Hack The box Write-up | Horizontall HTB Write up

Ashutosh Kumar

in

Dreams On Fire!

The Insertion of Data Encryption Standard(DES)

Eddie Quintie

{UPDATE} Minesweeper Lv99 Hack Free Resources Generator

Bianka Lorita

{UPDATE} Catte Hack Free Resources Generator

Jerry Bui

in

Digital Forensics Future

The Metaverse is One Giant Deep Fake

Raj Singh Chauhan

HTB — OPTIMUM

AboutHelpTermsPrivacy

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Chinmayks

Chinmayks

More from Medium

Moneykeycomprocode

MoneyKey.com Promo Code

Marijn Kneppers

Dissecting the Skylanders portal  —  part 1

Ryan Matta

Pact Modules Explained: Kadena

Methli William

A Comprehensive Guide to Desktop as a Service (DaaS) Security

Help

Status

Writers

Blog

Careers

Privacy

Terms

About

Knowable