A free video tutorial from Muharrem AYDIN
Computer Engineer, Ethical Hacking, Cyber Security Expert
4.5 instructor rating • 26 courses • 56,539 students
Learn more from the full courseEthical Hacking with Metasploit: Exploit & Post Exploit
Learn Ethical Hacking from scratch with Metasploit , exploit vulnerabilities and become a white hat hacker
05:14:43 of on-demand video • Updated May 2021
- You will become an expert in using Metasploit for ethical hacking and network security.
- Set up a lab environment to practice hacking
- Install Kali Linux - a penetration testing operating system
- Install Windows & vulnerable operating systems as virtual machines for testing
- Learn Linux commands and how to interact with the terminal
- Discover vulnerable applications
- Vulnerability scanning, Exploit, Post Exploit, Payload
- Gain control over computer systems using server side attacks
- Exploit vulnerabilities to gain control over systems
- Gathering password hashes, cracking passwords, taking screenshots, logging keystrokes etc.
- Using backdoors to persist on the victim machine
- The very latest up-to-date information and methods
- During the course you will learn both the theory and how to step by step setup each method
- Social Engineering Toolkit (SET) for Phishing
English As a target systems will use a few devices. One of the target devices will be Metasploitable 2. Metasploitable is an intentionally vulnerable Linux virtual machine created by Rapid7 who produces Metasploit project as well. This VM can be used to conduct security training test security tools and practice common penetration testing techniques. The VM will run on any reason VMWare products and other virtualization technologies such as VirtualBox. Now when you google the word Metasploitable you'll find a download link of Rapid7 on the very first row. You can download it from the sourceforge.net site as well which is on the second line. Now there's another link that's the GitHub address of Metasploitable 3. Metasploitable 3 is another version of Metasploitable produced by again Rapid 7. So let's go to the page System requirements in the readme section says Metasploitable 3 virtual machine requires 65 65 gigabytes of free space on my drive and 4.5 gigabytes of RAM. Well these amounts are little too much for me. So I'm going to go back and use Metasploittable 2 though It's an excellent practicing machine So turn back to the Google search tab and click the first link to the official download page of Metasploitable Metasploitable Fill out the form and click submit to download Metasploitable to Linux virtual machine. So I've already downloaded it and opened with my VM Ware Fusion. Now as you can see I do have other VM`s here. OWASP Broken Web Application and a Windows XP. You may download and use other systems like these. Just to give you more scanning practice. So let's look at the settings of Metasploitable. I'll use my virtual machines in NAT network mode and I allocated gig of RAM which is the recommended amount. So now we're ready to run the VM And as you can see there are a lot of services that start with the operating system start username is msfadmin and the password is the same. So check the IP address and see if it's in the same IP block with your copy machine using the ifconfig command. So looking at the open TCP ports using netstat - tnlp you will see a lot of ports are open and looking at the services up and running using "ps aux" you'll see a lot of these services as well. These increase the attack surface of the machine which is just what we want and of course we'll use Windows machines as our targets of our attack. And you know the reason why! Windows are the most common operating system. One of the windows targets will be Windows XP Service Pack 1. Now it's not designed to be vulnerable but well it is naturally a vulnerable system. It's not an up to date system. A lot of patches are missing and as you probably know, too Microsoft does not support this operating system anymore. Another target system that I'll use is Windows 8. It's an up to date and modern operating system. Now just so you know I have to point out that Microsoft Windows operating systems are commercial. They are not free. You have to have their license to use. Now if you have any windows ISO you can install it as a virtual machine. Just follow the steps that I showed you in the lecture of the installation of `Kali the Light` from the ISO file.