Metasploit

Daniel demonstrates how to gain access to a Windows and Linux server using metasploit. This is one of his favourite tools. Big thanks to ITPro.TV for sponsoring this video. In future videos, he will show us additional tools. ====== Menu: ====== Menu: 0:00 ▶️ We like win 0:25 ▶️ I am administrator 0:40 ▶️ Linux access 1:20 ▶️ Password hashes 1:35 ▶️ Introduction 1:50 ▶️ Metasploit framework overview 2:28 ▶️ Why is this one of your favourite tools? 4:05 ▶️ Windows and Linux 4:43 ▶️ This is a local lab 5:40 ▶️ Windows Metasploit demo 6:35 ▶️ Eternal Blue overview 7:24 ▶️ Start eternalblue 8:35 ▶️ Check attack viability 9:35 ▶️ Specify target (RHOSTS) 10:32 ▶️ Exploit (check hosts) 10:50 ▶️ Gain access 11:30 ▶️ Reverse shell 13:01 ▶️ Set rhosts 13:28 ▶️ Set payload 14:08 ▶️ Set lhost 14:30 ▶️ Set lport 14:53 ▶️ Run exploit 15:58 ▶️ Win 16:10 ▶️ Shell access gained 17:20 ▶️ Full Admin access 18:14 ▶️ Summary of what was done 18:49 ▶️ This is much easier - use automation 20:35 ▶️ Why did this work? 21:15 ▶️ What about Linux? 21:48 ▶️ Linux demo example 22:29 ▶️ Linux shell bug 23:50 ▶️ Use option 24:39 ▶️ Set header 25:06 ▶️ Set rhosts 25:35 ▶️ Set targeturi 26:17 ▶️ Set lhost 26:33 ▶️ Exploit 26:55 ▶️ shell created 27:07 ▶️ Make pretty 28:01 ▶️ Use Linux commands 28:27 ▶️ Which user account is used 28:51 ▶️ Got a remote shell 29:00 ▶️ Escalate priv 30:28 ▶️ Get admin and root accounts 30:49 ▶️ Summary of what we have done 33:03 ▶️ What other tools are you going to show us ======================== Download software and VMs: ======================== VM used: https://www.vulnhub.com/entry/bwapp-bee-box-v16,53/ Kali Linux: https://www.kali.org/downloads/ ================ Links: ================ ITProTV Free Training: http://davidbombal.wiki/freeitprotv My ITProTV affiliate link: http://davidbombal.wiki/itprotv ==================== Connect with Daniel: ==================== LinkedIn: https://www.linkedin.com/in/daniellowrie Blog: https://blog.itpro.tv/author/daniellowrie