Getting Started with Metasploit In this lab, you will explore the fundamentals of Metasploit to examine a host for appli
Posted: Fri May 20, 2022 10:33 am
Getting Started with Metasploit
In this lab, you will explore the fundamentals of Metasploit to
examine a host for application vulnerabilities.
Step 1: Log in to your U.S. Cyber Range account and Kali Linux
host.
Step 2: To save your terminal output to a file for this lab
activity, type the following command in the terminal. At the end of
the lab activity, type Control-D to
terminate this command.
Step 3: Launch Metasploit in Kali and get acquainted with this
tool using the following search commands:
Step 3: To explore details about a specific module you can use
the info command to read the details of
the vulnerability associated with the module. Example:
Step 4: To use a selected module, use
the use command. Note the change in the
command prompt after submitting this command.
Step 5: Next, before launching a module, you'll want to verify
the required options such as rhost, rport, etc. Before moving on to
the next step, verify the IP address of your Metasploitable VM and
set the rhosts value to the
Metsploitable VM's IP address with
the SET command. After running the
following command verify that all required values are set.
Step 6: Now its time to check to see if this host is vulnerable
to MS17-010
(EternalBlue). Enter the following command to run the
module.
Step 6: Observe the results, why isn't the host vulnerable to
EternalBlue? Type Exit to quit
Metasploit.
Step : Turn in Lab Activity
In this lab, you will explore the fundamentals of Metasploit to
examine a host for application vulnerabilities.
Step 1: Log in to your U.S. Cyber Range account and Kali Linux
host.
Step 2: To save your terminal output to a file for this lab
activity, type the following command in the terminal. At the end of
the lab activity, type Control-D to
terminate this command.
Step 3: Launch Metasploit in Kali and get acquainted with this
tool using the following search commands:
Step 3: To explore details about a specific module you can use
the info command to read the details of
the vulnerability associated with the module. Example:
Step 4: To use a selected module, use
the use command. Note the change in the
command prompt after submitting this command.
Step 5: Next, before launching a module, you'll want to verify
the required options such as rhost, rport, etc. Before moving on to
the next step, verify the IP address of your Metasploitable VM and
set the rhosts value to the
Metsploitable VM's IP address with
the SET command. After running the
following command verify that all required values are set.
Step 6: Now its time to check to see if this host is vulnerable
to MS17-010
(EternalBlue). Enter the following command to run the
module.
Step 6: Observe the results, why isn't the host vulnerable to
EternalBlue? Type Exit to quit
Metasploit.
Step : Turn in Lab Activity