CentOS 7.x Scanning machine using metasploit web portal
<yambe:breadcrumb>CentOS_7.x_metasploit|CentOS 7.x metasploit</yambe:breadcrumb>
CentOS 7.x Scanning machine using metasploit web portal
Create project for metasploit based scanning
We can create a separate project for each group of targets (or individual target) to work with that target separately, using below steps. All targets under same project will share credentails, reports, etc. with each other. There is also a default project which can be used for scanning desired targets.
- Login into metasploit interface using https://FQDN:3790/ as root
- Go to home -> New project
- Type project name and description (Eg windows2016-scan-target)
- Type target IP address (Eg 172.31.1.42)
- Let project owner be root and create project
Scan target without authentication
To scan a target without authentication (Typically with no stored credentials and no successful bruteforce attempts) use below steps. Scan uses nmap for understanding OS, open-ports and services. This information can be later useful for later exploit stages.
- On specific project page choose "Scan" under "Discovery"
- Let target IP address be same. Click on "Show advanced options"
- Enable "Scan SNMP community strings"
- Under Discovery credentials do not enter anything
- Leave everything else to default
- Click "Launch Scan" to start scanning
Exploit scanned target without authentication
After target is scanned for open-ports, OS, services, etc. we can use exploit option to test it against exploits:
- Once the scan is completed click on "Exploit"
- Click on "Show advanced options"
- Leave most things default and do not give any username and password
- Click on "Exploit" to start Exploit test
Generate scan report of scanned and exploit tested targets
Once target has been scanned, exploitted or bruteforced, a report can be generated using:
- Go to Reports -> New report
- Leave report type as "Audit" and output format as "pdf" and "html"
- Give appropriate report name (eg windows2016-scan-target-without-auth)
- Enable "Include session details" and "Include charts"
- Click on "Generate Report" to generate report
Scan target with authentication
To scan a target with authentication use:
- Open the project
- Go to "Credentials" -> "Manage"
- Add with:
- Realm
- none
- Public
- <username> (eg root)
- Private
- plain-text, password. Specify password in text box.
- Proceed with bruteforce to validate credential.
- After credentials are validated to be successful proceed to exploit of this project targets as required.
<yambe:breadcrumb>CentOS_7.x_metasploit|CentOS 7.x metasploit</yambe:breadcrumb>