Week 4 Assignment - devinziegler/Devin-Tech-Journal GitHub Wiki

Assignment: Week 4 - Metasploit Framework

In this lab we used a password list and Metasploit to brute force login through ssh.

Keeping a system up to date is important for security. Once an exploit is found for a service version, the developers will release a new version fixing the vulnerability. Updating the system will install the new version making your system more secure.

  • Update commands
sudo apt update
  • apt update will download new library's to your system
sudo apt upgrade
  • apt upgrade will install those new library's completing the update process

Metasploit commands

Opening the Metasploit shell

msfconsole

Searching

search <the-exploit-you-want>

Show options (very helpful to see what you need for exploit to run)

show options

Selecting an exploit

select <exploit>

Setting a parameter

set <parameter> <parameter>

Watching logs

Reading and understanding logs is a very important to understanding what is happening on your system. You can find the logs used in this lab in the log directory.

The tail command is useful for showing recent activity in these logs. By default tail will print the last 10 lines of the log, meaning the newest events will be on the bottom.

tail <log-file>

Example of log file

authlogSubmission

  • The red arrow indicates the line where the brute force attack as successful. A successful connection was made through the ssh protocol.

Example of successful exploit in msfconsole

sshSubmission

  • The red arrows above point to the username and password that were used to make the ssh connection
⚠️ **GitHub.com Fallback** ⚠️