TryHackMe | Metasploit: Introduction | Walkthrough

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

hey guys welcome to my YouTube channel today we're going to do metas spoil introduction uh it's part of the comp pentest plus learning path and uh yeah let's get right into it already load my start machine a tack box and yeah the machine okay all right let me close this off uh so task one is Introduction to metas spoil and it says metas spoil is most widely used for exploitation framework so it talks about two versions Pro framework and today we're going to do that tbox version so that's the framework version tells about the main component msf console modules and tools and answer the questions below no answer needed let me see it's working okay all right let's go open the command console or Tas two main components of metas spoil and uh you could just follow along purus [Music] so it talks about encoders Invasion exploits and NPS no operation payloads and post modules so as you know guys uh these videos I'm just going to show you how to answer these uh questions but I strongly recomend recommend to reach to read each task to get a full understanding what's all about for example it says answer questions below what is the name of the code taking advantage of the flaw of a Target system so you read the paragraph it's talking about payload and explo will take advantage of vulnerability so there you go and let's see let's try this out let see if this works see copy place clipboard no [Music] command open new tab no such framework must be a different directory but got you want from yourself you can find under modules under I see embedded modules let's try see [Music] the all right let Ste means so let's try [Music] [Music] this oh there you go and there's the encoders same day see uh let's try [Music] evasion Windows all right there's X [Music] points 20 director for files then uh no operations okay then payloads oops wrong one I'm just following along the example guys uh you don't have to do this and then there's uh so four directories post it's a good practice to uh type everything out so post there you go so the second question what is the name of the code that runs on the target system to achiev the attacker's code so what's the name of the code I believe payload tic codes that will run on T system so let's try that or pay there you go next question what are self-contained payloads called self stage payload well stagers so stagers Stager stage stage let's try self-contained singles okay never [Music] mind okay and says Windows SL x64 ping back SL reverse SL TCP under among singles or stage payload so as you read when there's under between show reverse is single let me see yes it is all right guys uh let's go Tas 3 msf console so again you can just follow along like LS top of this command and then see help SL help no such command same thing c i up set set option value okay then talks about history so just the history path then uh let's try use exploits Windows SM B Ms 17 010 SL Eternal blue no result see all right looks like example again and show options so shows the same R host L host all right same thing user let's see show options show options show [Music] payload same thing a list the payloads and then [Music] back all right info so these are just the command info module oh see info no ask Eternal blue so all the information the module and okay back search Ms 17-10 same name so I just talk about the Search Command and there's example search type Sol tell not so again gives you a list of a hotel net module and uh just follow along example guys that was pretty simple this is answer your questions how will you search for module relat to Apache so be search function Apache more simple next question Who provided the auxiliary scanner s sh SSH login module use the info command so again oops let's go back actually let's uh let's try this use [Music] exploit I might get this wrong but H see Who provided actually let's try this [Music] one what to search [Music] type all right I'm going to look at see scanner SSH scanner SSH this one's auxiliary scanner SSH ssh h use info command let's see all right let's see who provide exil say number let's try this one [Music] info there you go and that's it Tob I think so exploit use auxilary scanner this pathway and info so I believe [Music] is prob by TB all right let's go Tas four guys working with modules and let's see set parameter regular command prompt medic command prompt let's see back so there's [Music] context meter preor system the show options so we already same thing following an example ID name automatic Target then I'll set our host oops C our host 10101 16539 there you go then show options again all right what's this example PWD cat targets so this example setting targets uh text all right let's try [Music] again set all flushing database un setting database show options [Music] again all right let's try again see use exploit so follow law set RG host so set R so set group oops keep forgetting the IP so yours might vary back so it says use auxiliary scanner let's try that I'm just following the example to the left guys this is not um new information you guys get laws just pause and um just look to the left every time when I type something in the right uh Linux box so show options all right exploit [Music] z z parameters okay unreachable all right looks say nothing's going on here let's see skip that that's for meter preor let's see sessions so there's no active sections right here but an example there is let's see back sessions no active sections all right let's answer your questions below how will you set the L Port value to 666 so set elport 666 pretty easy how do you figure that out it's uh back to right here parameter setting command syntax this this the syntax guys and next question how you set the global value for R host to 10.10.19 23 so it will be set g r host or host 10.1.1 19.23 yeah same parameter right here S command see if I can find so same parameter with the set G and next question what command will you use to clear a payload so unset pay yeah you read the example it says clear unset G unset group and last question what command do you use to proceed with exportation phase exploit yeah there you go exploit command to exploit that was easy all right guys Tas Five summary just talks about summarize of the metas spoil tool read it and answer your last question you can share on Twitter Facebook in if you like this video hit the Thumbs Up Hit the Subscribe button hit notification button um trying to pump these videos uh fast as possible to help you guys to help to pass pentest plus uh I'm not in the IT industry but I already pass the comti certification is recognized by my work and this is something I really like doing and uh I hope it helps you guys so thanks for watching and next

Info

Channel: PLei

Views: 215

Rating: undefined out of 5

Keywords: Pentest, TryHackMe

Id: gImO30v6GBA

Channel Id: undefined

Length: 23min 30sec (1410 seconds)

Published: Mon Nov 06 2023