Showing posts with label Metasploit. Show all posts

Sunday, 5 May 2013

Attacking Metasploitable - Apache Tomcat - Metasploit Tutorial

Hello guys,
Here's my second Metasploitable-attacking video. Today we will exploit Apache Tomcat in Metasploitable, using Metasploit of course.



Attack description:

  1. We did a full nmap port scan, and I detected Tomcat installed on the server on port 8180.
  2. Search for tomcat in the Metasploit console (the "msfconsole" command) to find any kind of auxiliary and/or exploit available for it.
  3. We found a good exploit which allows command execution, but it needed the USERNAME and PASSWORD of the target server.
  4. I executed an auxiliary that tried the default Tomcat login details on the target server (this is good when the server admin uses bad passwords).
  5. We found the login details, which made the code execution exploit possible to use.
  6. We execute the code execution exploit, and we get shell access (you can change the payload, but you don't really need to).
  7. After we get shell access, as we search in the /root directory, we find /root/.ssh/authorized_keys.
  8. As I saw in a post by g0tmi1k about the same attack, those keys have a weakness (READ MORE HERE).
  9. We download the weak "rsa" keys to kind of crack the key. The file can be found with the exploitdb search tool "/pentest/exploits/exploitdb/searchsploit": search for the term "OpenSSL".
  10. Download and extract the file; using "grep -lr KEY *.pub" we will find the right one.
  11. Connect to the server using the key (in the previous step you will find a file named NUMBER.pub; take the number), then run the command:

ssh -i NUMBER root@IP

And you're done, root access granted ^_^
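Seen from the defender's side, steps 7 to 11 work because authorized_keys trusts a public key whose private half is publicly known. The audit below is an added example, not part of the original post: it fingerprints every key in an authorized_keys file and checks it against a weak-key blocklist, and it also flags short RSA moduli, which goes beyond what the post covers. The blocklist format (a set of hex MD5 fingerprints of the key blob), the function names and the sample keys are assumptions constructed for the example.

```python
import base64
import hashlib
import struct

KEY_TYPES = {"ssh-rsa", "ssh-dss", "ssh-ed25519", "ecdsa-sha2-nistp256"}

def read_field(blob, off):
    """Read one length-prefixed field of an SSH public key blob."""
    (n,) = struct.unpack_from(">I", blob, off)
    return blob[off + 4:off + 4 + n], off + 4 + n

def audit_authorized_keys(text, blocklist, min_rsa_bits=2048):
    """Return [(line_no, md5_fingerprint, reason)] for keys that should be replaced."""
    findings = []
    for no, line in enumerate(text.splitlines(), 1):
        fields = line.split()
        if not fields or fields[0].startswith("#"):
            continue
        try:
            # Options such as from="..." may precede the key type, so locate the type token.
            idx = next(i for i, f in enumerate(fields[:-1]) if f in KEY_TYPES)
            blob = base64.b64decode(fields[idx + 1], validate=True)
            name, off = read_field(blob, 0)
            bits = None
            if name == b"ssh-rsa":
                _, off = read_field(blob, off)        # skip public exponent e
                modulus, _ = read_field(blob, off)    # modulus n
                bits = int.from_bytes(modulus, "big").bit_length()
        except (StopIteration, ValueError, struct.error):
            findings.append((no, None, "unparseable line"))
            continue
        fp = hashlib.md5(blob).hexdigest()
        if fp in blocklist:
            findings.append((no, fp, "fingerprint on weak-key blocklist"))
        elif bits is not None and bits < min_rsa_bits:
            findings.append((no, fp, f"RSA modulus only {bits} bits"))
    return findings

def make_sample_blob(bits):
    """Constructed sample: a structurally valid ssh-rsa blob, not a real key."""
    pack = lambda b: struct.pack(">I", len(b)) + b
    n = ((1 << (bits - 1)) | 1).to_bytes(bits // 8, "big")
    return pack(b"ssh-rsa") + pack(b"\x01\x00\x01") + pack(b"\x00" + n)

WEAK, SHORT = make_sample_blob(2048), make_sample_blob(1024)
SAMPLE = ("# constructed authorized_keys content\n"
          f"ssh-rsa {base64.b64encode(WEAK).decode()} root@host\n"
          f'from="10.0.0.5" ssh-rsa {base64.b64encode(SHORT).decode()} backup@host\n')
BLOCKLIST = {hashlib.md5(WEAK).hexdigest()}  # stands in for a published weak-key list
```

Calling audit_authorized_keys(SAMPLE, BLOCKLIST) reports line 2 as blocklisted and line 3 as a 1024-bit RSA key; on a real host, pass the contents of each account's authorized_keys file and a blocklist loaded from your distribution's weak-key list.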

Video Demo:

Video Available in HD, just change the Quality!


Saturday, 4 May 2013

How to Add Exploits to Metasploit Framework in 3 steps


Hello Guys,
Today we have a Metasploit tutorial submitted by Foloox Csl.
The video is on his channel, please subscribe to him!

The tutorial shows how to add exploits to Metasploit. Sometimes we find exploits for Metasploit on exploit-db; in order to be able to use those exploits, we have to follow the steps in the video!



The video is available in HD, just change the quality!


Monday, 29 April 2013

Attacking Metasploitable - Samba Server - Metasploit Tutorial



Hello guys,
Here is the first video of my Metasploitable attacking videos!
In this attack we exploited Samba server (which is vulnerable).

The first thing I did was scan the target IP with nmap; it will be a slow and almost complete scan.
I got the IP from Metasploitable itself by running "ifconfig".

Then, after detecting the Samba server on the target, launch Metasploit and search for the keyword "samba".
A list of exploits will show; all you have to do is type:

use exploit/path/to/exploit

After you use that command, type "show options" to see what that exploit needs, and see the options you have.

When you have set your hosts and ports, type "exploit" and that will run the exploit.

After we exploited the target, we got root access, which is exactly what I needed!

Video:

Vimeo Link: https://vimeo.com/65082563


Sunday, 28 April 2013

How to install Backtrack and Metasploitable on Vmware - Metasploit

Hello guys,
Today I will show you how to install Backtrack 5 and Metasploitable-Linux on VMware.
This tutorial is just to get you guys ready for my Metasploit videos that I will release very soon.

First of all, you should download both Metasploitable-Linux (Our Target) and Backtrack 5 (Our attacker)

Download Backtrack from HERE
Download Metasploitable from HERE
Download VMware Player from HERE
When you download Backtrack, make sure you download it for the 32-bit architecture.
I prefer KDE, which I will be using, and it always works on VMware. (GNOME gives some graphics errors sometimes.)



Backtrack Installation

After you download Backtrack, open VMware and click on "Create A New Virtual Machine".



Then check "Installer disc image file (.iso)", browse for your Backtrack image file, and open it.


Now click on "Next", and choose "Linux" as the guest operating system and "Ubuntu" as the version.


Click on "Next", Choose a name for your OS, any name is OK!

Now click on "Next" again. Now it's your turn: choose what disk size you want for it, then click on "Next" again, and you're done! UNLESS you want to edit some of the settings, such as CPU and RAM for your OS, which you can do by clicking on "Customize Hardware".





Now play your virtual machine and wait until it shows a terminal saying "root@bt:~#".
Type "startx" and press Enter.
You're done!

Metasploitable-Linux Installation

Metasploitable is a vulnerable OS; it has many vulnerabilities. We will use that OS as a target to pwn.
When you download Metasploitable, it will be downloaded as a .zip file. Extract it, and you will see a file with the extension .vmx


All you have to do to install this OS is double-click on it. VMware will ask you if you copied the virtual machine or moved it; click on "I moved it"!

And you're done!

Hope you liked it! =)



Thursday, 25 April 2013

How To Hack Windows 8 Using Metasploit - java_signed_applet

Hello guys,

Today I have my first Metasploit tutorial! We will be pentesting Windows 8 (my PC) using Metasploit on Kali, inside a virtual machine.
So let's get started!

First thing you need to do is open Metasploit by running "msfconsole" in your terminal.


After Metasploit loads, type this command:

use multi/browser/java_signed_applet

Like the picture below:

Now you have to set your local port; in this exploit it's called SRVPORT. The default port is 8080, but you can set it to any port you want.
Just run the command below:


set SRVPORT [Port number]

Change [Port number] to anything you like; I used 1337.


Now, to change the path to the exploit, we can set the URIPATH to anything we want.
We can leave all the settings as they are, but it will look a little bit ugly, with things like:
0.0.0.0:8080/Kgn3Tn

Changing them will make people accept it more easily, and it's more fun!

To change the URIPATH, run the following command:

set URIPATH /

Like the picture below:


Now run the command "exploit"

The server will start on the port and the path you set.

All you have to do now is send the IP to someone to open. When they open it they'll see a screen like this:


If they run it, a window will open. Check "I accept the risk and want to run this application", then click on "Run".


As soon as you run it, Metasploit will start a meterpreter session to the target PC, and you'll have full access to the target PC!

Session Opened:

System info:

Hope you like it!
Here is the video tutorial, performing this attack!

Video available in HD, just change the quality! Vimeo Link: https://vimeo.com/64841698