Professional Documents
Culture Documents
I200604 Muhammad Huzaifa Lab 06
I200604 Muhammad Huzaifa Lab 06
Muhammad Huzaifa
20I-0604
VULNERABILTY ASSESSMENT
& REVERSE ENGINEERING
Lab 06
Starting with checking the IP addresses of both VMs. Below is the Ip for windows XP in host only mode.
The very 1st step is to check the MS08 exploit in msfconsole as shown below:
We are going to use the very 1st exploit we saw after running this command.
Now set the relevant fields for exploit to run. Use the following steps:
Now you can see in the screenshot above that our kali’s Metasploit has been connected to the target’s
machine. Now you just need to use the following commands to get system information.
Shell commands get the raw shell of the target machine and we can run the commands that can run on
target machine itself.
Another famous command is the use of screenshare to see what is happening on victim’s machine. To
get a view of target device use “screenshare” command as shown below:
The result of the following command will be something like this:
Persistence