Exploitation using the Metasploit Framework (MSF)


Authors: Rich Macfarlane, Gordon Russell

This practical runs a Windows XP target, which we can then use to explore the many features of the Metasploit framework. Due to the complexities of the framework, "check button" tutorials were proving to be quite challenging, so we are using PDF tutorials. However, this tutorial starts the lab, ready for the practical to then be completed in the linuxzoo virtual environment. Start your Kali Linux machine, and then you can boot the target below.

Question 1: Target 2 - Boot

Press this button to ready your machine for running with the virtual machine targets. If your machine is reset or you reboot then you may have to press this button again.

Note that this target can take (quite) a few minutes to boot, as it has many processes running many services.

The machine can take a few minutes to warm up. Press the test button to see if it is running fully. So long as the network of the target is running, you can continue to the next question while you wait for the XP target.

Question 2: Network Device

Target 1 lies somewhere in - This time use "ip route show" and find out the device name on your machine which would be used to handle packets going to target 1. You can identify it by looking at the output, finding the line involved with the target subnet, and looking for the "dev".

Target network device:

What is your machine's IP number on the target network?

Your IP:
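
The two lookups in this question, shown as an added example that is not part of the original lab: a small shell function that reads `ip route show` output and pulls out the word after `dev` or `src` on the line for a given subnet. The routing table, subnet, device names and addresses below are constructed sample values, not the lab's real ones, and `route_field` is a hypothetical helper name.

```shell
#!/bin/sh
# Constructed sample of `ip route show` output. Every subnet, device name
# and address here is made up for illustration; your own table will differ.
SAMPLE_ROUTES='default via 10.0.2.2 dev eth0 proto dhcp metric 100
10.0.2.0/24 dev eth0 proto kernel scope link src 10.0.2.15 metric 100
10.200.0.0/24 dev tap0 proto kernel scope link src 10.200.0.1'

# route_field SUBNET KEYWORD   (hypothetical helper, not a standard tool)
# Reads route lines on stdin, finds the line whose destination is SUBNET,
# and prints the word that follows KEYWORD ("dev" or "src") on that line.
# Exits non-zero when no line for SUBNET carries that keyword.
route_field() {
    awk -v net="$1" -v key="$2" '
        $1 == net {
            for (i = 2; i < NF; i++)
                if ($i == key) { print $(i + 1); found = 1; exit }
        }
        END { exit (found ? 0 : 1) }
    '
}

# "dev" names the interface that carries packets for the subnet;
# "src" is the address your own machine uses on that subnet.
dev=$(printf '%s\n' "$SAMPLE_ROUTES" | route_field 10.200.0.0/24 dev)
src=$(printf '%s\n' "$SAMPLE_ROUTES" | route_field 10.200.0.0/24 src)
echo "device: $dev, local address: $src"

# On a live machine, feed the real table in instead of the sample:
#   ip route show | route_field <target-subnet> dev
```

The same line answers both parts of the question: the word after `dev` is the device name, and the word after `src` is your machine's address on that network.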

Question 3: Network scanning with nmap

The target needs to be running before starting this question.

Use nmap to sweep the target network, and identify the IP address of target 1. Use the appropriate flags to keep this scan efficient.

Target IP:

On the target machine, list the first 3 port numbers found in numerical order using a standard nmap portscan of the common ports open on the target.

Open port 1
Open port 2
Open port 3

Question 4: Metasploit Framework

Before we use the Metasploit Framework, let's check the MSF database is running, and start it if not. Start the MSF database:

msfdb start

Start the Metasploit Framework console interface, and then switch to the pdf lab6 practical tutorial now.

Question 5: Target 2 - Shutdown


Pressing this button shuts down your target machine. If you want to use the target again after pressing this button, go to the first check button above and press that, which will restart the target.

Only use this if your target is dead. This may happen if you launch a Metasploit exploit at the target which causes part of the target to crash. But if you use this and then restart the target, you need to wait 5 minutes while the target boots again. Don't use this button without careful thought!


Linuxzoo created by Gordon Russell.
@ Copyright 2004-2023 Edinburgh Napier University