Lab #5: Introduction to Metasploit on Kali Linux
Team: CRYPTERS
1 d. Why is it usually a bad idea to operate in the Linux environment as root? If you are unfamiliar with the concept of the root user, do a quick google search.
It is always a good practice on any operating system to run your applications on a user level and leave the administrative tasks to the root user, and only on a per-need basis. Applications are meant to be run by users with non-administrative privileges.(Power December 4, 2010) Their privileges has to be elevated to modify the underlying system. Some of the problems that comes when operating the Linux environment as a root user are:
1. Much more prone to mistakes or software bugs. Running the program as a different user …show more content…
As a root user, one has the option of giving full permissions to a malicious software or vulnerability. It can change programs in /bin and add backdoors, mess with files in /etc and make the system unbootable, etc.
3. You can be victim of your own stupidity. Swapping of input/output device in data dictionary would be stopped by your lack of permissions, but if you run as root, you have all accesses.
4. Administrative work on the OS should be handled only by root. You don't need it for most uses.(Renan October 18, 2012)
1 f. What would happen if you just started the metasploit service without the postgresql service? Even if you can start the metasploit service without it, is it needed (Why/Why not)? What does the service do for Metasploit? (Hint: You can do this in a new terminal window)
When we start the metasploit service without the postgresql service, we get a screen as shown below. PostgreSQL is an object-relational database management system (ORDBMS) based on POSTGRES, Version 4.2(Postgresql). In Kali Linux environment, no network services, including database services, run on boot as a default. So to get the metasploit services up and running, a database needs to be launched first(Documentation). That is why postgresql service started. Some of its functions include storing data securely, supporting best practices, etc. It can handle workloads ranging from small applications to large applications with many concurrent users(Wikipedia October 18, 2015). Metasploit uses …show more content…
Such behavior frequently includes things like gaining control of a computer system, allowing privilege escalation, or a denial-of-service attack. It is run on web servers, with the purpose of identifying software susceptibilities in client machines, communicating with it and exploiting discovered vulnerabilities to upload and execute malicious code on the client.
3 e. How many options are there? How many of these are required? As seen in snapshot, show command gave 2 options. RHOST and RPORT. Both are compulsory. The default RPORT is 135 which is the RPC port.
3 f. On the same output Metasploit returns a section called exploit target, which operating systems will this exploit work on? Exploit command works on English versions of Windows NT 4.0 SP3-6a, Windows 2000, Windows XP, and Windows 2003 Universal
3j. What did the output of the screen show? Was the exploit successful, how do you know? The output screen displayed the following: We can make out from the above screenshot that the exploit was successful because it says that the command shell session of the target ip address machine was opened and also the next prompt we see is of, C:\WINDOWS\system32> of the target machine which means that we have gotten access to the target machine. 3k. What type of connection is opened? What does this connection allow you to
Team: CRYPTERS
1 d. Why is it usually a bad idea to operate in the Linux environment as root? If you are unfamiliar with the concept of the root user, do a quick google search.
It is always a good practice on any operating system to run your applications on a user level and leave the administrative tasks to the root user, and only on a per-need basis. Applications are meant to be run by users with non-administrative privileges.(Power December 4, 2010) Their privileges has to be elevated to modify the underlying system. Some of the problems that comes when operating the Linux environment as a root user are:
1. Much more prone to mistakes or software bugs. Running the program as a different user …show more content…
As a root user, one has the option of giving full permissions to a malicious software or vulnerability. It can change programs in /bin and add backdoors, mess with files in /etc and make the system unbootable, etc.
3. You can be victim of your own stupidity. Swapping of input/output device in data dictionary would be stopped by your lack of permissions, but if you run as root, you have all accesses.
4. Administrative work on the OS should be handled only by root. You don't need it for most uses.(Renan October 18, 2012)
1 f. What would happen if you just started the metasploit service without the postgresql service? Even if you can start the metasploit service without it, is it needed (Why/Why not)? What does the service do for Metasploit? (Hint: You can do this in a new terminal window)
When we start the metasploit service without the postgresql service, we get a screen as shown below. PostgreSQL is an object-relational database management system (ORDBMS) based on POSTGRES, Version 4.2(Postgresql). In Kali Linux environment, no network services, including database services, run on boot as a default. So to get the metasploit services up and running, a database needs to be launched first(Documentation). That is why postgresql service started. Some of its functions include storing data securely, supporting best practices, etc. It can handle workloads ranging from small applications to large applications with many concurrent users(Wikipedia October 18, 2015). Metasploit uses …show more content…
Such behavior frequently includes things like gaining control of a computer system, allowing privilege escalation, or a denial-of-service attack. It is run on web servers, with the purpose of identifying software susceptibilities in client machines, communicating with it and exploiting discovered vulnerabilities to upload and execute malicious code on the client.
3 e. How many options are there? How many of these are required? As seen in snapshot, show command gave 2 options. RHOST and RPORT. Both are compulsory. The default RPORT is 135 which is the RPC port.
3 f. On the same output Metasploit returns a section called exploit target, which operating systems will this exploit work on? Exploit command works on English versions of Windows NT 4.0 SP3-6a, Windows 2000, Windows XP, and Windows 2003 Universal
3j. What did the output of the screen show? Was the exploit successful, how do you know? The output screen displayed the following: We can make out from the above screenshot that the exploit was successful because it says that the command shell session of the target ip address machine was opened and also the next prompt we see is of, C:\WINDOWS\system32> of the target machine which means that we have gotten access to the target machine. 3k. What type of connection is opened? What does this connection allow you to