Daniel demonstrates how to gain access to a Windows and Linux server using metasploit. This is one of his favourite tools.
In future videos, he will show us additional tools.
Menu:
- We like win: 0:00
- I am administrator: 0:25
- Linux access: 0:40
- Password hashes: 1:20
- Introduction: 1:35
- Metasploit framework overview: 1:50
- Why is this one of your favourite tools? 2:28
- Windows and Linux: 4:05
- This is a local lab: 4:43
- Windows Metasploit demo: 5:40
- Eternal Blue overview: 6:35
- Start eternalblue: 7:24
- Check attack viability: 8:35
- Specify target (RHOSTS): 9:35
- Exploit (check hosts): 10:32
- Gain access: 10:50
- Reverse shell :11:30
- Set rhosts: 13:01
- Set payload: 13:28
- Set lhost: 14:08
- Set lport: 14:30
- Run exploit: 14:53
- Win: 15:58
- Shell access gained: 16:10
- Full Admin access: 17:20
- Summary of what was done: 18:14
- This is much easier - use automation: 18:49
- Why did this work? 20:35
- What about Linux? 21:15
- Linux demo example: 21:48
- Linux shell bug: 22:29
- Use option 5: 23:50
- Set header: 24:39
- Set rhosts: 25:06
- Set targeturi: 25:35
- Set lhost: 26:17
- Exploit: 26:33
- shell created: 26:55
- Make pretty: 27:07
- Use Linux commands: 28:01
- Which user account is used: 28:27
- Got a remote shell :28:51
- Escalate priv: 29:00
- Get admin and root accounts: 30:28
- Summary of what we have done: 30:49
- What other tools are you going to show us: 33:03
Download software and VMs:
VM used: https://www.vulnhub.com/entry/bwapp-bee-box-v16,53/
Kali Linux: https://www.kali.org/downloads/
#linux #hacking #security #developer