Basic Network Penetration Testing for Vulnerable Passwords

Post by TheVikingsofDW » Mon Mar 11, 2024 9:30 pm

In this endeavour, we shall employ the scanning and brute-force functionalities of the Metasploit WebUI to fulfil this objective.

1.- First, we create a new project.
2.- Next, we select the 'scan' option within the discovery module and proceed to input all pertinent project configurations.
3.- Upon completion of the scan, we transition to the subsequent screen displaying all active systems within the designated network, along with the top five identified operating systems and network services.
4.- Following the conclusion of the preliminary scan, we have identified our target systems along with their associated operating systems and services. Consequently, we are poised to commence the process of brute-forcing these systems to uncover vulnerabilities in the remote services necessitating authentication, which have been detected as active on systems within the designated network.
5.- Thus, we proceed to select the 'bruteforce' option to initiate the password cracking procedure.
6.- One has the option to designate the target addresses and services on which to execute the attack. (Advanced users may explore diverse options to modify the default passwords attempted during a password cracking session, a practice particularly beneficial in scenarios where users employ easily predictable password combinations.)
7.- Upon initiating the bruteforce operation, successfully compromised services will be distinguished by a yellow highlight. Subsequent to the completion of the bruteforce session, one may navigate to Analysis -> Hosts to access the following information:
- Metasploit Flags: It's evident that Metasploit designates all compromised hosts as "Shelled" and all scanned systems that remain uncompromised as "Scanned". Subsequently, we revisit the sessions tab to review comprehensive details pertaining to the compromised hosts.
- Metasploit's PSEXEC Module: It's apparent that all systems have been compromised utilising Metasploit's PSEXEC module. Upon selecting a session, detailed information regarding that specific session is revealed. Subsequently, one can initiate a command shell on the compromised target to obtain the password hashdump for offline cracking endeavours.
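
Seen from the defender's side, the sequence in this post (password guessing, a successful logon, then PSEXEC-style execution) leaves a trail in Windows logs. The detector below is an added example, not part of the original post or of Metasploit; the event tuples, the threshold and the time window are constructed assumptions.

```python
from collections import defaultdict, deque

# Windows event IDs: 4625 = failed logon, 4624 = successful logon,
# 7045 = new service installed (PsExec-style execution creates one).
FAILED, SUCCESS, SERVICE = 4625, 4624, 7045

# Constructed sample events: (epoch_seconds, event_id, source_ip, host, account)
SAMPLE = [
    (100, FAILED, "10.0.0.50", "WS01", "administrator"),
    (101, FAILED, "10.0.0.50", "WS01", "administrator"),
    (102, FAILED, "10.0.0.50", "WS01", "administrator"),
    (103, FAILED, "10.0.0.50", "WS01", "administrator"),
    (104, FAILED, "10.0.0.50", "WS01", "administrator"),
    (105, SUCCESS, "10.0.0.50", "WS01", "administrator"),
    (107, SERVICE, None, "WS01", None),
    (200, FAILED, "10.0.0.7", "WS02", "alice"),   # single typo, then success
    (210, SUCCESS, "10.0.0.7", "WS02", "alice"),
    (300, SERVICE, None, "WS02", None),           # unrelated service install
]

def detect(events, threshold=5, window=60):
    """Return alerts for a failure burst followed by a success from the same source."""
    failures = defaultdict(deque)   # (source, host) -> recent failure timestamps
    breached = {}                   # host -> index of its alert
    alerts = []
    for ts, event_id, src, host, account in sorted(events, key=lambda e: e[0]):
        if event_id == FAILED:
            failures[(src, host)].append(ts)
        elif event_id == SUCCESS:
            recent = failures[(src, host)]
            while recent and ts - recent[0] > window:
                recent.popleft()            # drop failures outside the window
            if len(recent) >= threshold:
                alerts.append({"source": src, "host": host, "account": account,
                               "failures": len(recent), "time": ts,
                               "service_installed": False})
                breached[host] = len(alerts) - 1
            recent.clear()
        elif event_id == SERVICE and host in breached:
            alert = alerts[breached[host]]
            if ts - alert["time"] <= window:
                alert["service_installed"] = True   # likely remote execution
    return alerts

if __name__ == "__main__":
    for alert in detect(SAMPLE):
        print(alert)
```

An alert with `service_installed` set corresponds to a host that the WebUI would show as "Shelled"; the account named in it should have its password changed and be checked for reuse on other hosts.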
