Metasploitable2 Walkthrough

For this walk-though I use the Metasploit framework to attempt to perform a penetration testing exercise on Metasploitable 2. I employ the following penetration testing phases: reconnaisance, threat modelling and vulnerability identification, and exploitation. Since this is a mock exercise, I leave out the pre-engagement, post-exploitation and risk analysis, and reporting phases. Set-up This metasploitable walk-through is performed in a virtual lab environment. Two virtual machines (VMs) are used. The first is a Kali VM and the second is the Metasploitable2 VM.

Read More →

Metasploitable2 Walk-through

(This is an interim post and will be updated progressively. This notewill be removed once done.) This post extends the walk-though on the initial version ofMetasploitable athttp://nkush.blogspot.com.au/2011/09/metasploitable-walkthrough.html. Itshould be noted that some commands and output may have been truncatedfor the purposes of brevity. Set-upThe set-up included two machines in a virtual test environment usingVirtualBox. The first was a Metasploitable virtual machine (VM) and thesecond a Kali 1.

Read More →