The purpose of this lab is for you to familiarize yourself with the Metasploit Framework. Although you had had some exposure to it, it will be important for you to develop enough skill with this tool that you will be able to launch a number of different attacks given diffefent scenarios. It is valuable for developing your attacking skills as an attacker, and for being able to build attacks that will test your defenses. This kind of skill only comes through study and practice.

Tasks

• Watch the descriptive video below and answer the questions.
• Then perform the walkthroughs as instructed.
• This is the same video as studied in Learning Journal 2

Your Report - Important

NOTE: Your report must be properly done, and easy to read.

This lab can be difficult to mark. Therefore:

Each separate walkthrough must have an easily seen (large bold type) heading, indicating the number of the exploit (as numbered in the resource), the service being exploited, and the relevant port number

You should have a table of contents at the beginning of your report, with a link to each walkthrough.

Failure to follow this guideline will result in a failing grade

The video

Watch this video:  https://www.youtube.com/watch?v=TieUDcbk-bg

Metasploit For Beginners - Modules, Exploits, Payloads And Shells: 

 

For this lab we will use Kali Linux to attack the Metsploitable 3 Windows Server

 

Walkthroughs

I found these walkthroughs to be quite good. Unfortunately, the site owner has chosen a name some might find offensive. Try to ignore it. I think it is worth it because I haven't found another more thorough approach to hacking metasploitable. I am sorry I could not find material of equally valuable content with a more suitable name. The screenshots in these walkthroughs can be accessed by clicking on the provided link within the walkthrough.

Perform the following walkthroughs, launching the attacks from your Kali box targeting your Metasploitable 2 box. Write a report showing and explaining your results. Be sure to explain in your own words what the attack is trying to accomplish.

To get a passing grade in this lab you must complete at least half of all of the Windows Server walkthroughs.

To get full marks you must complete all of the Windows Server walkthroughs.

 

Microsoft Windows Server 2008R2 Exploitation using metasploitable 3

"Metasploitable3 is a Windows Server 2008R2 VM that is built from the ground up with a large amount of security vulnerabilities. It is intended to be used as a target for testing exploits with Metasploit. Not every type of vulnerability on Metasploitable3 can be exploited with a single module from Metasploit, but some can. Also, by default, the image is configured to make use of some mitigations from Windows, such as different permission settings and a firewall."

from https://tremblinguterus.blogspot.com/2020/11/metasploitable-3-windows-walkthrough_34.html

 

Before you start: 

About Advanced Scanning and Enumeration

Students have been experiencing some difficulty in getting OpenVAS to run on Kali. Frequent updates to Kali regularly break our labs. In some cases we take the time to fix the problem, but given the fact that you will be looking at vulnerability scanning in some detail next semester you may skip this step. However, if you have insatiable curiosity and drive to succeed, you are encouraged to get it working. This might bring you closer to A+.

Also, nmap is a powerful tool that you need to learn howto use, Be aware that some scans take time, and you might think that nmap is frozen, Hit to see progress. Also, nmap does reverse DNS scans by default. These can take time, especially if your VM does not have Internet connectivity. Add the -n option to turn off DNS lookups.

You should want to master nmap. Here are a couple of nice tutorials:

• nmap Tutorial to find Network Vulnerabilities: https://youtu.be/4t4kBkMsDbQ?si=GzajN8e7UbyyulrT
• nmap Tutorial For Beginners: https://youtu.be/NtPcoDtetvk?si=J45BcMN3_8JKC0B6

Start:

1. Advanced Scanning and Enumeration: https://tremblinguterus.blogspot.com/2020/11/metasploitable-3-windows-walkthrough_34.html

 

 

 

 

 

 

Please  make for me  clearly  and follow the instructions. make sure is cleary  for  eatch steps