PENETRATION TESTING FOR BEGINNERS: EXPLOITING A VULNERABILITY WITH METASPLOIT FRAMEWORK


Metasploit Framework Community, the free edition of Metasploit (with a reduced feature set compared to the commercial editions), is a tool that allows you to run and develop exploits against target systems. It ships with Kali Linux, a Linux distribution that bundles a wide range of security-oriented tools, and is widely used for penetration testing. In the previous issue of the magazine we covered some of the most important tools for entering the world of penetration testing. Now we will use Metasploit to show, step by step, the exploitation of a vulnerable server.

What stages are considered during a penetration test?

A penetration test is carried out in several stages. The first, commonly known as the reconnaissance stage, consists of collecting information about the target system; the decisions and steps taken in the later stages are based on the data gathered here. Once that data has been collected and analyzed, we move on to the exploitation of the target system, where the choice of exploits depends exclusively on the information obtained in the previous stage. Finally, once the attack has been carried out, its impact is analyzed, and new actions may be taken based on that analysis.

Documentation and report generation conclude the penetration test; the report usually reflects the complete work of the pentester (the person who carries out the penetration test).

There are different methodologies for performing penetration tests; they differ mainly in the techniques and methods used to carry out each task. Some tests are black-box, where essentially nothing is known about the target system in advance. In contrast, in white-box tests information about the target is available, such as application source code and configuration files, among other material. The stages also vary according to the methodology used.

In this case, without distinguishing between methodologies, we will focus on the reconnaissance stage. Information can be collected in two ways: actively, by interacting directly with the target system (a port scan, for example), or passively, from indirect sources without touching the target. We will then run the exploitation stage, which gives an overview of what a penetration test actually involves. A complete assessment also involves further stages, such as enumeration and gaining access, among others.

How to start?

So that readers can follow the attack step by step, they should install two virtual machines connected to each other. VMware or VirtualBox can be used for this; other alternatives exist, but these two are the most popular. The two virtual machines to install are the following:

  • Kali Linux: as mentioned in the previous issue of the magazine, it is the penetration testing distribution par excellence, released under the GPL license. It can be downloaded from: http://www.kali.org/
  • Metasploitable 2: a machine created for academic purposes that deliberately contains several vulnerabilities, so that it can be tested easily. It can be downloaded from: http://sourceforge.net/projects/metasploitable/files/Metasploitable2/

Next, verify that the two machines can see each other (that is, that they can communicate). A simple ping between them is enough to check this. Because Metasploitable 2 is deliberately vulnerable, connect the two machines through a host-only or internal virtual network rather than exposing the target to your LAN or the internet.

Then, from the Kali Linux machine (the entire exercise is carried out on this machine; the second machine only acts as the target of the attack, and nothing is done on it other than turning it on to be "attacked") we will use the Metasploit console (msfconsole), from which all the commands against the server under test will be launched. To open the console, all you need is the command.
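A pre-flight check for the two-machine lab described above, as an added example that is not code from the original article: a POSIX shell script that validates the target address, performs the connectivity test above with a single ping, and then carries out the active reconnaissance step from the earlier section by running an nmap service scan and reducing its grepable output to the open ports on which exploit selection will be based. The target address 192.168.56.101 is an assumption (VirtualBox host-only addresses typically look like this; replace it with your Metasploitable 2 address), nmap is assumed to be installed as it is on Kali, and the embedded scan output is a constructed sample, not a real capture, used only when the target does not answer.

```shell
#!/bin/sh
# Lab pre-flight for the Kali -> Metasploitable 2 exercise.
# Added example, not part of the original article.
set -u

# ASSUMPTION: VirtualBox host-only style address; replace with your target's IP.
DEFAULT_TARGET=192.168.56.101

# Constructed sample of `nmap -sV -oG - <target>` output (grepable format),
# used only when the real target does not answer. Not a real capture.
SAMPLE_SCAN=$(printf '%s\t%s\t%s\n' \
    'Host: 192.168.56.101 ()' 'Status: Up' '' \
    'Host: 192.168.56.101 ()' \
    'Ports: 21/open/tcp//ftp//vsftpd 2.3.4/, 22/open/tcp//ssh//OpenSSH 4.7p1 Debian 8ubuntu1 (protocol 2.0)/, 25/filtered/tcp//smtp///, 23/open/tcp//telnet//Linux telnetd/' \
    'Ignored State: closed (996)')

# Accept only a dotted-quad IPv4 address, so a typo cannot send a scan
# at a host outside the lab. Exit status 0 = valid.
valid_ipv4() {
    printf '%s\n' "$1" | awk -F. '
        NF != 4 { bad = 1; exit }
        { for (i = 1; i <= 4; i++)
              if ($i !~ /^[0-9][0-9]?[0-9]?$/ || $i + 0 > 255) { bad = 1; exit } }
        END { exit bad }'
}

# The article's connectivity test: one ICMP echo request, 1 s timeout
# (iputils flags, as on Kali Linux). Proves layer-3 reachability only.
reachable() {
    ping -c 1 -W 1 "$1" >/dev/null 2>&1
}

# Reduce nmap grepable output (stdin) to "port/proto service version", one
# open port per line. Each entry in the "Ports:" field is
# port/state/proto/owner/service/rpcinfo/version/ (slash-separated).
open_ports() {
    awk -F "$(printf '\t')" '
        /^Host: / {
            ports = ""
            for (i = 1; i <= NF; i++)
                if (index($i, "Ports: ") == 1) ports = substr($i, 8)
            n = split(ports, entry, ", ")
            for (i = 1; i <= n; i++) {
                split(entry[i], f, "/")
                if (f[2] != "open") continue
                line = f[1] "/" f[3] " " f[5]
                if (f[7] != "") line = line " " f[7]
                print line
            }
        }'
}

main() {
    target=${1:-$DEFAULT_TARGET}
    if ! valid_ipv4 "$target"; then
        echo "[-] not an IPv4 address: $target" >&2
        return 2
    fi
    if reachable "$target"; then
        echo "[+] $target answers ping; active reconnaissance (nmap service scan):"
        nmap -sV -oG - "$target" | open_ports
        echo "[+] now open msfconsole and choose an exploit for one of the services above"
    else
        echo "[-] $target does not answer ping: check that both VMs are on the same virtual network"
        echo "[i] parser output on the constructed sample scan instead:"
        printf '%s\n' "$SAMPLE_SCAN" | open_ports
    fi
}

main "$@"
```

Save it as preflight.sh on the Kali machine and run `sh preflight.sh <target-ip>`. The IP check is there on purpose: an active scan is the first point at which the exercise touches another machine, and the one-line filter keeps it from being pointed at anything but a lab address. The open-port list it prints is exactly the input the exploitation stage needs, since each exploit chosen in msfconsole targets a specific service and version.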

