Exploiting Samba and HTTP vulnerabilities

Today I want to show my latest Ethical Hacking course lab, where got to exploit Samba and HTTP vulnerabilities.



Legend

The information system is used to provide services. The network administrator has been less than diligent and has not updated services for a long time. This has made the services provided in the virtual environment vulnerable.


Goals

Identify the services running on the network and their versions. Find vulnerabilities in existing services and exploit them (hacking).


Tools used

1. An image of a virtual, vulnerable Linux OS
2. VMware Workstation Player
3. Nmap
4. Vulnerability Database www.exploit-db.com.


Methodology for carrying out the work

The work involves scanning the network and discovering service ports and their versions. Vulnerability versioning in the nvd.nist.gov vulnerability database. Vulnerability search in the Metasploit database. Vulnerability Exploitation.



You check out the step by process in the Lab Report available for download via the link below.