Exploitation with Metasploit Framework

In this part you will be able to do some basic exploitation using the Metasploit Framework. In order to be able to complete everything on this lab you will require the following:

Kali Linux, with Metasploit Framework installed;
Metasploitable 2 virtual machine;
Windows 7 virtual machine.

Bellow you’ll find the list of vulnerabilities and how to exploit those vulnerabilities with Metasploit Framework. These vulnerabilities were previously identified by the usage of a vulnerability scanner:

vsftp Backdoor Vulnerability [CVE-2011-2523]
UnrealIRCd backdoor [CVE-2010-2075]
distCC RCE [CVE-2004-2687]
Java RMI Server Insecure Default Configuration RCE Vulnerability
VNC Brute Force Login
MySQL / MariaDB Default Credentials (MySQL Protocol)
SAMBA (Samba “username map script” Command Execution)
Tomcat (Apache Tomcat Manager Application Deployer Authenticated Code Execution)
Apache (CGI Argument Injection)
Windows Eternalblue [CVE-2017-143,144,145,146,148]

PreviousBasics of Metasploit Framework Nextvsftp Backdoor Vulnerability [CVE-2011-2523]

Last updated 6 months ago