Jishan-LAB2-Metasploit-3 Report-Merged

Uploaded by

Ali Jishan
PURPLESYNAPZ
VAPT ASSESSMENT

OVERVIEW
VAPT Report prepared by using Nessus on metasploit-3

Intern Course Module
Jishan, Ethical Hacking (Alisha sir)

Ethical Hacking | PurpleSynapz VAPT ASSESSMENT

Executive Summary
Performed a vulnerability assessment on metasploit-3 and generated a VA report with scan results that fulfilled the required 4 critical and 3 high vulnerabilities.

Exploited metasploit-3 and installed a keylogger using the Metasploit Framework.

Document Version: 05-02-2023, Final Report

VAPT Report by jishan



Table of Contents
OBJECTIVE
PROJECT EXECUTION
1.1 EXECUTION SUMMARY
1.2 PROJECT EXECUTION
1.3 VAPT ASSESSMENT ACTIVITIES
1.4 VAPT ACTIVITIES TIMELINE AND THE ISSUES STATUS
2. VULNERABILITY ASSESSMENT
FINDING SEVERITY RATINGS
2.1 Summary of Vulnerabilities
2.2 Penetration Testing – Detailed Report
CONCLUSION


Report-1:
Nessus Report scan


OBJECTIVE
We find the vulnerabilities in metasploitable-3 using a Nessus scan and carry out the VAPT exercise on the Windows host (10.0.2.6) to review and understand the risk posture and cyber security gaps observed during the VAPT. From the results we took 4 critical and 3 high vulnerabilities to show in the report.

PROJECT EXECUTION

1.1 Execution Summary


Project Name: Lab-2 vulnerability assessment on metasploit-3

Document Objective: To summarize the findings of the VA & PT exercise

Addressable Security Contexts: Metasploit-3 Windows machine (10.0.2.6)

Assessment Methodology:
• Vulnerability Assessment: VA using Nessus report scan.
• Penetration Testing: Exploiting identified vulnerabilities, based on the Nessus tool.

Tools Used: Nessus tool for Vulnerability Assessment & Penetration Testing.

Resources Deployed: Intern Jishan


1.2 Project Execution


The entire assessment exercise was executed on one host, the Windows metasploitable-3 machine (IP address 10.0.2.6). The vulnerability assessment used the Nessus report to assess the critical and high vulnerabilities.

1.3 VAPT Assessment Activities


The VAPT carried out at metasploit-3 is a composition of two-dimensional assessments that were carried out as depicted in the following:
• Vulnerability Assessment of External Surface: In this step I performed the VA on the targeted Windows system.
• Penetration Test: This is a 2-step approach where I first tried to exploit the Windows system with a basic scan. Furthermore, in the second iteration, I used the vulnerability to install the keylogger using the Metasploit Framework to gain access to the key logs.

1.4 VAPT Activities Timeline and the issues status

The VAPT was carried out on the Windows machine metasploit-3.

Vulnerability assessment and penetration testing on the scope.

Below is the timeline for each phase during our VAPT engagement.

| VAPT engagement phases | Date/Time range |
|---|---|
| Phase 1 | 05-02-2023 09:11 |


Results:
Vulnerability Assessment and Penetration
Testing results


2. Vulnerability Assessment
I used the Nessus tool to generate the VA and PT report on the Windows machine metasploit-3. The following section of the document captures the deep dive with technical insights for each assessed application in scope.

Finding Severity Ratings


The following table defines levels of severity and corresponding CVSS score range that are
used throughout the document to assess vulnerability and risk impact.

| Severity | CVSS V3 Score Range | Definition |
|---|---|---|
| Critical | 9.0-10.0 | Exploitation is straightforward and usually results in system-level compromise. It is advised to form a plan of action and patch immediately. |
| High | 7.0-8.9 | Exploitation is more difficult but could cause elevated privileges and potentially a loss of data or downtime. It is advised to form a plan of action and patch as soon as possible. |


2.1 Summary of Vulnerabilities

Below is the list of identified vulnerabilities of the given target.

| Severity | Vulnerability | Plugin |
|---|---|---|
| Critical | Apache Log4j Unsupported Version Detection | 156032 |
| Critical | Apache Struts 2.3.5 - 2.3.31 / 2.5.x < 2.5.10.1 Jakarta Multipart Parser RCE (S2-045) (S2-046) | 97576 |
| Critical | Unsupported Web Server Detection | 34460 |
| Critical | ManageEngine Desktop Central 8 / 9 < Build 91100 Multiple RCE | 90192 |
| High | MS 2695962: Update Rollup for ActiveX Kill Bits (2695962) | 59044 |
| High | MS 2736233: Update Rollup for ActiveX Kill Bits (2736233) | 62045 |
| High | MS KB2269637: Insecure Library Loading Could Allow Remote Code Execution | 48762 |

2.2 Penetration Testing – Detailed Report


The section below details all identified vulnerabilities of the target.

Vulnerability: windows/smb/ms17_010_eternalblue & payload 1 meterpreter/reverse_tcp
Description: I used the above vulnerabilities to exploit the Windows system.
Risk/Impact: High or Medium or Low or Info

KEYLOGGER:
First I ran the file explorer on the Windows machine, as it has more privileges on the Windows machine (meterpreter > ps -S explorer.exe), to get the PID (5196); through that ID we will get more privileged access to the metasploitable-3 machine.
Then migrate to PID 5196 to get more privileged access.
I gave the keystroke command (keyscan_start -v) and got the notepad credentials in Kali.

Then, after the migration was performed:

Select the migration PID; after a successful migration, key scanning is needed.

After that I ran the command (keyscan_dump) and got the key logs of what I typed into Notepad on the Windows machine.


Conclusion:

The specific goals of the vulnerability assessment were achieved as per lab requirements:
• Successfully generated the Nessus report with VA
• In the generated report I showed 4 critical vulnerabilities and 3 high vulnerabilities
• By using Kali we exploited the metasploit-3 (10.0.2.6) Windows machine and created an RDP machine
• Generated keystrokes by migrating the PID
• Successfully captured key logs.
The above-mentioned goals were successfully met.

Nessus report by Jishan



Metasploitable-3

Report generated by Nessus™ Sun, 05 Feb 2023 05:04:42 EST

TABLE OF CONTENTS

Vulnerabilities by Host
• 10.0.2.6

Vulnerabilities by Host
10.0.2.6

| CRITICAL | HIGH | MEDIUM | LOW | INFO |
|---|---|---|---|---|
| 4 | 3 | 0 | 0 | 0 |

Vulnerabilities Total: 7

| SEVERITY | CVSS V3.0 | PLUGIN | NAME |
|---|---|---|---|
| CRITICAL | 10.0 | 156032 | Apache Log4j Unsupported Version Detection |
| CRITICAL | 10.0 | 97576 | Apache Struts 2.3.5 - 2.3.31 / 2.5.x < 2.5.10.1 Jakarta Multipart Parser RCE (S2-045) (S2-046) |
| CRITICAL | 10.0 | 34460 | Unsupported Web Server Detection |
| CRITICAL | 10.0* | 90192 | ManageEngine Desktop Central 8 / 9 < Build 91100 Multiple RCE |
| HIGH | 9.3* | 59044 | MS 2695962: Update Rollup for ActiveX Kill Bits (2695962) |
| HIGH | 9.3* | 62045 | MS 2736233: Update Rollup for ActiveX Kill Bits (2736233) |
| HIGH | 9.3* | 48762 | MS KB2269637: Insecure Library Loading Could Allow Remote Code Execution |

* indicates the v3.0 score was not available; the v2.0 score is shown
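
Added example (not part of the original report and not Nessus code): a Python check that compares each scan row with the CVSS v3 bands in the report's Finding Severity Ratings table. Rows marked `*` carry a v2.0 score, so a 9.3* finding labelled HIGH falls outside the report's "High 7.0-8.9" band; the v2 bands used to explain this (Critical 10.0, High 7.0-9.9) are an assumption taken from Tenable's documented Nessus ranges, not from this page.

```python
import re

# Bands from the report's "Finding Severity Ratings" table (CVSS v3).
REPORT_V3_BANDS = {"CRITICAL": (9.0, 10.0), "HIGH": (7.0, 8.9)}
# Assumption: Nessus CVSS v2 bands per Tenable documentation (not on the page).
NESSUS_V2_BANDS = {"CRITICAL": (10.0, 10.0), "HIGH": (7.0, 9.9)}

# Rows copied from the "Vulnerabilities by Host" table for 10.0.2.6.
SCAN_ROWS = """\
CRITICAL 10.0 156032 Apache Log4j Unsupported Version Detection
CRITICAL 10.0 97576 Apache Struts 2.3.5 - 2.3.31 / 2.5.x < 2.5.10.1 Jakarta Multipart Parser RCE (S2-045) (S2-046)
CRITICAL 10.0 34460 Unsupported Web Server Detection
CRITICAL 10.0* 90192 ManageEngine Desktop Central 8 / 9 < Build 91100 Multiple RCE
HIGH 9.3* 59044 MS 2695962: Update Rollup for ActiveX Kill Bits (2695962)
HIGH 9.3* 62045 MS 2736233: Update Rollup for ActiveX Kill Bits (2736233)
HIGH 9.3* 48762 MS KB2269637: Insecure Library Loading Could Allow Remote Code Execution
"""

ROW_RE = re.compile(
    r"^(?P<sev>[A-Z]+)\s+(?P<score>\d+\.\d)(?P<v2>\*?)\s+(?P<plugin>\d+)\s+(?P<name>.+)$"
)

def parse_rows(text):
    """Parse 'SEVERITY SCORE[*] PLUGIN NAME' lines; '*' marks a v2.0 score."""
    findings = []
    for line in text.splitlines():
        m = ROW_RE.match(line.strip())
        if not m:
            raise ValueError(f"unparseable row: {line!r}")
        findings.append({
            "severity": m["sev"], "score": float(m["score"]),
            "cvss_version": "2.0" if m["v2"] else "3.0",
            "plugin": int(m["plugin"]), "name": m["name"],
        })
    return findings

def in_band(finding, bands):
    low, high = bands[finding["severity"]]
    return low <= finding["score"] <= high

def audit(findings):
    """Return (plugins whose label does not fit the report's v3 table,
    plugins that also fail the band for their own CVSS version)."""
    off_report = [f["plugin"] for f in findings if not in_band(f, REPORT_V3_BANDS)]
    unexplained = [
        f["plugin"] for f in findings
        if not in_band(f, NESSUS_V2_BANDS if f["cvss_version"] == "2.0" else REPORT_V3_BANDS)
    ]
    return off_report, unexplained
```

Calling `audit(parse_rows(SCAN_ROWS))` lists the three ActiveX/library-loading plugins as outside the report's v3 table and nothing as unexplained once the v2 bands are applied.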