CPTS #04: Using the Metasploit Framework

Lab 1: Buffer overflow.

Lab 2: Perform an Nmap scan carefully.

Sessions and Jobs Section

– Since the challenge has already given us some information about this machine, stating that it is running a website, we proceed to access it and check the source code. Upon inspection, we discover that the web server is running elFinder.

– Access msfconsole and search for an exploit module for elFinder. After selecting the module, configure the necessary parameters.

– Exploitation successful.

– However, we only obtained a low-privilege shell, so we need to escalate privileges. The hint suggests that the sudo version on this machine is outdated, meaning there might be an exploit available for this version.

– After researching, I found that this version is vulnerable to a buffer overflow exploit.

– Since I’m already using Metasploit, I decided to look for an exploit module for privilege escalation.

Meterpreter Section

– Proceed with an Nmap scan and discover that this machine is running a web service on port 5000.

– Detected that the running service is FortiLogger. Now, let’s check for known vulnerabilities related to FortiLogger.

– Find the exploit module on Metasploit, set the required parameters, and execute the exploit.