
Finishing the Metasploit: Exploitation room from yesterday.
As shown below, we create a payload using msfvenom as a reverse shell using the .elf format.

We download that shell onto the target machine.

We create an msf handler to catch the connection when we hit the shell.

From there we have shell access to the vulnerable machine and we cat the /etc/shadow file for the answer! (I was trying to use hashdump and forgot this was a Linux box!)



After this we proceeded onto the Metasploit: Meterpreter room which brings all the things we have learnt together.
We assume the position of an already compromised machine via SMB (Server Message Block) (using exploit/windows/smb/psexec).
After this we are then tasked with finding the computer name via the sysinfo command via meterpreter, then gaining the target domain information by backgrounding the session and using post/windows/gather/enum_domain module & various other things like locating the flags.txt via the “search -f *.txt” function and hashdumping the creds and also cracking said hashes.
This room focuses on backgrounding sessions and using different modules within Metasploit to work in conjunction with the compromised session which gives the initial foothold for the room.
Overall quite fun and straightforward, would recommend this room!



Until next time & don’t sleepwalk through life!

Goodbye
