EXPLOITATION OF WINDOWS AND LINUX BASED OPERATING SYSTEM.

  1. Next step is to start the service of the metasploit. # service postgresql start.
  2. Next step is to open the metasploit by the command # msfconsole.

Next command is to search the vulnerabilities found by the nessus by the exploitation process.

Next command is to get the information about the payload.

The command is # info(copy paste the payload needed).

Next step is to use the payload to exploit the system the , command is #use(copy paste the payload).

After the use command we need to verify the payload, for that #show options , command is used.

Next we need to set the RHOSTS, which the RHOSTS means the victims ip addresses.

The command is #set RHOSTS (VICTIM IP ADDRESS).

To verify the changes have been made ,again the command #show options, is used.

In this , we can verify lhost and lport.

Next exploit command is used.

Meterpreter is opened and we can give the command as example.

The image saved by the screenshot command is,

To exit we use command #exit .

Now the below part is the attack towards Linux based machine.

  • We need ,

Attacker machine : Kali Linux.

Target machine : metasploitable(ip add: 192.168.73.19)

The steps involved in this attack is ,

->Find the IP address of target machine and make a note.
->Start the nmap port scanning to find the open ports.
->Now, use web browser to find the vulnerability with the version name which is visible when the port scanning is made.
->Collect the results from famous websites like rapid7.com, exploit-db.com, packetsteram.com,etc.
->Now, same procedure as the above attack.
->Find the vulnerability with the name SAMBA
->After finding it SET LHOST with victim IP address.

Commands to execute are,

# msfdbinit

# service postgresql start

# msfconsole

# search

#info

#use

#exploit.

After this we will use command #session -l and use basic Linux command to get the result.

(PART 4 LINK, OF THE REPORT HAS BEEN ATTACHED BELOW — https://medium.com/@chinmayks16/nmap-port-scanning-127d2fa3c502)

--

--

--

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

{UPDATE} Family House Hack Free Resources Generator

Weird Email Verification Bypass

Horizontall Hack The box Write-up | Horizontall HTB Write up

The Insertion of Data Encryption Standard(DES)

{UPDATE} Minesweeper Lv99 Hack Free Resources Generator

{UPDATE} Catte Hack Free Resources Generator

The Metaverse is One Giant Deep Fake

HTB — OPTIMUM

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Chinmayks

Chinmayks

More from Medium

MoneyKey.com Promo Code

Dissecting the Skylanders portal  —  part 1

Pact Modules Explained: Kadena

A Comprehensive Guide to Desktop as a Service (DaaS) Security