20-CS-[51|60]55 Cyber Defense Overview Fall 2018
Lab 2

Authentication, Availability, Confidentiality, Integrity, Defense Principles, Intrusion Detection, Attack vectors, more

Penetration Testing with Metasploit
Due: Sept. 24, 2018 (Submission instructions are here)

To be able to defend a network or system it is necessary to understand what must be defended against. To that end, this lab calls for you to use some of the tools that malfeasants use to examine systems, looking for vulnerabilities.

Armitage as a front end to Metasploit
Run Kali Linux. Open a shell. Execute the command
sudo /etc/init.d/postgresql start
to start the database server that is used my metasploit. Next, execute
sudo armitage
as shown here:

A dialog box appears as shown below. Just click "connect".

Armitage takes a long time to start. For a while you see this:

which looks like a problem due to the connection exception. But the reason for the exception is that the metasploit framework is not ready for connections yet. Eventually, a connection is made and the following screen appears, except without the two icons that represent discovered machines from previous launches of armitage.

Those icons are the result of defining a workspace and machines in it. The `workspace' tab is used for this purpose. Armitage uses namp to scan those machines for services. Once that is done, attacks can be suggested for the machines. This is done by selecting one of the icons, dropping the `Attacks' menu as shown below, and selecting `Find Attacks'.

Now an `Attack' menu is made available for the selected icon. This can be accessed with a right click over the selected icon. Doing so allows one to choose an attack as illustrated below.

Selecting an attack results in a window, such as the one below, where parameters can be set.

When the attack is launched, progress and results are displayed in the bottom window.

The Exercise
Download an operating system appliance for virtualbox from here.
Open virtualbox. Import the appliance to virtualbox by clicking 'File', then 'Import Client' from the menu. On the right side of the dialog box that opens there is a small square icon. Click that to open a File Dialog box and search for and select the appliance. Click 'Next' to begin the installation. Use armitage from a second VM to try attacks on that OS. Login to the metasploitable OS (username:msfadmin password:msfadmin) and find other vulnerabilities.
Report (submit) up to 10 suspicious findings in a list. If there is a fix, state the fix in the list. Try exploits where possible.
Note that metasploit and Armitage exist in Kali Linux but they need to be updated.

Previous submissions that were accepted:     first     second