Home‎ > ‎CIS 75‎ > ‎

Lab 4 - Metasploit

There's a tool on Kali Linux that brings together a number of different hacking tools called Metasploit. Metasploit itself is not a hacking tool but a "tool of tools" (sometimes called a framework) that makes it easier to develop tests for exploits and to do "fuzzing" which is a technique that randomly tries to discover weaknesses. For this lab we'll setup and use Metasploit in Kali Linux. 

Get Ready
In order to do the commands in this lab you will need to use the terminal. The terminal is launched by clicking the icon shown in the picture below.

When your terminal appears first enter the following command:

# ifconfig

The output contains your IP address. Make a not of it, you will need it later. The address will be in the place shown in the example below.


Step 1: Start Armitage
Metasploit itself is a command line tool. It's very effective once you've learned the commands but learning them takes time. The Armitage program is a GUI for Metasploit that makes getting started easy. 

# service postgresql start
# service metasploit start
# service metasploit stop 
# armitage

When Armitage loads it will present this dialog box:

  

Simply click "Connect," Then click "Yes." If you have not run the "service" commands above you will see the following error message: 


If that happens start step 1 over. 

Step 2: Look for hosts
Now that you have Armitage running you can use it to discover hosts on your local network. Selecting "Connection Information" will bring up a windows that looks like the one on the right. Your scan range will be your IP address with a "/24" on the end. Now you will scan for nearby machines. In the Hosts menu select MSF Scans as shown

  

A dialog asking for the range of IP addresses to scan will be presented. In that dialog type in your own IP address with "/24" on the end as shown. Though Armitage doesn't show it, the scan is running. It may take several minutes. The scan is doing two things:
  1. Pinging IP addresses to see if anyone is there
  2. Port scanning (using nmap) all hosts that seem alive
At the end of the process Armitage will have built a host list in it's hosts view. Take a screenshot of the hosts and submit it for credit. Next week we will build on this capability. Your screenshot should look something like this (the actual hosts will vary):



Grading
  • 20 points for a screenshot showing that you've successfully found some victims 

Comments