Steps Taken: 1. Scan with NMAP the first target machine: - Port 21 = ftp is open! 2. Preparing Metasploit: 3. Searching for exploit and executing it: - This isn't vulnerable to this expl...

Steps Taken: 1. NMAP-ing the nearby network to figure out what services the first target machine is using: nmap -sV --script=banner 192.39.205.3 2. Scan users using ‘finger’ service: - Usin...

Metasploit Pivoting I Steps Taken: 1. NMAP-ing the nearby network to find out where the first target machine is: - As you can see, there are 3 ports opened with 3 services this machine is worki...

Pivoting VIII Steps taken: 1. Check your network configuration: 2. Scan the network of the target machine: 3. Check vulnerabilities of the webpage: nmap -Pn --script=vuln 192.219.188.3 4. C...

Pivoting VII Steps Taken: 1. Scan the target machine with NMAP: nmap -sV --script=banner {target-ip} 2. Use Hydra to brute force the credentials since SSH is available: hydra {target-ip-interna...

Pivoting V Steps taken: 1. Doing a portscan on the web server via NMAP: # nmap -sV --script=banner {target-ip} - ports 139 and 445 are open. Now, find exploits for Samba in Metasploit! Red...

Pivoting IV Steps Taken 1. Get the banner of the target machine. - Notice that the open ports are 21(vsftpd) and 22(SSH). 2. Set up your database on the Metasploit. # service postgresql sta...

Pivoting III Steps taken: 1. Take the banner of the first target machine: 2. Use “curl” to figure out the software being used on this server. - Notice that the program that sticks out is nam...

Pivoting II Steps taken: 1. Get the banner of the target machine. # nmap -sV --script=banner 192.220.27.3 2. Since I don’t know what kind of software is being run on the webpage(since its run...

Pivoting IX Steps Taken: 1. Scanning the first target machine: 2. Enumerating directories on the webpage through the use of dirbuster: - Note that it is given to us where the link to login ...