CentOS 7.x Scanning machine using metasploit web portal

From Notes_Wiki

Home > CentOS > CentOS 7.x > VAPT Tools > Metasploit > CentOS 7.x Scanning machine using metasploit web portal

Create project for metasploit based scanning

We can create a separate project for each group of targets (or individual target) to work with that target separately, using below steps. All targets under same project will share credentails, reports, etc. with each other. There is also a default project which can be used for scanning desired targets.

  1. Login into metasploit interface using https://FQDN:3790/ as root
  2. Go to home -> New project
  3. Type project name and description (Eg windows2016-scan-target)
  4. Type target IP address (Eg 172.31.1.42)
  5. Let project owner be root and create project


Scan target without authentication

To scan a target without authentication (Typically with no stored credentials and no successful bruteforce attempts) use below steps. Scan uses nmap for understanding OS, open-ports and services. This information can be later useful for later exploit stages.

  1. On specific project page choose "Scan" under "Discovery"
  2. Let target IP address be same. Click on "Show advanced options"
  3. Enable "Scan SNMP community strings"
  4. Under Discovery credentials do not enter anything
  5. Leave everything else to default
  6. Click "Launch Scan" to start scanning


Exploit scanned target without authentication

After target is scanned for open-ports, OS, services, etc. we can use exploit option to test it against exploits:

  1. Once the scan is completed click on "Exploit"
  2. Click on "Show advanced options"
  3. Leave most things default and do not give any username and password
  4. Click on "Exploit" to start Exploit test


Generate scan report of scanned and exploit tested targets

Once target has been scanned, exploitted or bruteforced, a report can be generated using:

  1. Go to Reports -> New report
  2. Leave report type as "Audit" and output format as "pdf" and "html"
  3. Give appropriate report name (eg windows2016-scan-target-without-auth)
  4. Enable "Include session details" and "Include charts"
  5. Click on "Generate Report" to generate report


Scan target with authentication

To scan a target with authentication use:

  1. Open the project
  2. Go to "Credentials" -> "Manage"
  3. Add with:
    Realm
    none
    Public
    <username> (eg root)
    Private
    plain-text, password. Specify password in text box.
  4. Proceed with bruteforce to validate credential.
  5. After credentials are validated to be successful proceed to exploit of this project targets as required.


Home > CentOS > CentOS 7.x > VAPT Tools > Metasploit > CentOS 7.x Scanning machine using metasploit web portal