Metasploit Pro Certified Specialist Student Lab Guide
Version 21.07
DISCLAIMER: Unless otherwise indicated, this lab guide and its design, text, content, selection and arrangement of elements, organization,
graphics, design, compilation, digital conversion and other matters related to this document are protected under applicable copyrights,
trademarks and other proprietary (including, but not limited to, intellectual property) rights and are the property of Rapid7 LLC or the
material is included with the permission of the rights owner and is protected pursuant to copyright and trademark laws. ALL RIGHTS
RESERVED. If you have any questions about the use of this material, please contact [email protected].
Table of Contents
Understanding this Document
Lab Environment - Virtual Machines
Lab 1: Login, Global Settings, New Project
    Task 1: Log In
Lab 3: Meterpreter
    Task 1: Using Meterpreter on Linux
Any text entered in a bold font indicates that you will be clicking on a button, menu, drop-down or
item.
(Any text entered in italics inside parentheses is considered a special instruction, tip, or best practice that
may not be a specific instruction.)
Any text entered in this Courier font indicates that you will be typing the
text into a form, field, or command line interface.
‘Any text entered in italics inside a single quote indicates that the student should be looking for this item,
section, or heading to continue the exercise steps.’
At any time, you can auto-fill passwords in the VM by clicking the password button.
VM                             IP             Username  Password
Gateway                        192.168.1.1
Metasploit Console             192.168.1.100  rapid7    r@pid7!
Linux Mail Server              192.168.1.101  rapid7    r@pid7!
Student Win7                   192.168.1.102  rapid7    r@pid7!
Ubuntu_12                      192.168.1.112  rapid7    r@pid7!
Metasploitable2 – Linux        192.168.1.104  msfadmin  msfadmin
Windows Server 2008 r2 - SQL   192.168.1.105  rapid7    r@pid7!
Windows Server 2008 r2         192.168.1.106  rapid7    r@pid7!
Nexpose Console                192.168.1.110  rapid7    r@pid7!
Lab 3: Meterpreter
Task 1: Using Meterpreter on Linux
1. In MSP1, select Sessions from the Navigation Bar. Review Active and Closed Sessions.
2. Select an active session corresponding to the host 192.168.1.104 – Metasploitable.
3. Click on the Session, not the Host IP.
4. Select the Command Shell button to start the Meterpreter shell, or right-click and open it in a new tab.
5. Enter the ? character to view help options for the Meterpreter shell. When you type in a Meterpreter shell
and the cursor is blinking in red, please wait.
6. View system data by running the following Meterpreter commands:
a. sysinfo
b. getuid
c. getwd
d. ps
e. localtime
f. ls
e. Once the file completes downloading, double-click and Run the file.
4. While still on the Windows7 box, right-click the Windows 7 VM taskbar.
a. Click Start Task Manager.
b. Move to the processes tab and look for microsoft_update.exe.
5. Return to the Metasploit Pro system.
a. Open the MSP1 project.
b. Note the session that is now open on the Windows7 box.
Challenge: Run the same payload on the WINDOWS SERVER 2008 R2 machine. Are you able to get a session?
m. Observe the Sessions tab and confirm that you have a Meterpreter session from the Windows Server
2008r2 – SQL VM with IP address 192.168.1.105.
2. For client-side exploitation, a _LISTENER__ receives inbound connections from persistent agents on
compromised systems.
7. Metasploit Pro offers the following types of social engineering techniques, EXCEPT for:
a) Phishing
b) Client-side exploits
c) Cloud connection
d) USB storage
e) All are offered by MSP
9. When running automated exploits, the _________ defines the exploit modules that Metasploit Pro will use
to attack the target system.
a) Scan data
b) Network map
c) Vulnerability analysis
d) Attack plan
11. _______ is an attack method that attempts to use a looted password hash to authenticate to a remote
system.
a) Hash authenticate module
b) Pass the Hash
c) Loot authenticate
d) Hash login
e) None of these
1=c, 2=a, 3=b
17. During a Phishing campaign, the Target Addresses are automatically restricted to the network range of
the project.
a) True
b) False