Lab Instructions
Exploitation with Metasploit
Follow these written lab steps in order. Run one command at a time and verify output before moving on.
Lab objective
Module 6: Exploitation with Metasploit. Use Metasploit modules to exploit a vulnerable service in your lab (e.g. Metasploitable), including SSL-related exploits where applicable. Never run against systems you do not own or have written permission to test.
Command
N/A
Expected result: You gain access to a lab target using a Metasploit exploit (e.g. SSL exploit) and understand the workflow.
Step 1 - Ensure lab is ready
Your Kali (or attack) VM and target VM (e.g. Metasploitable) must be on the same network. Verify connectivity: ping the target IP. Run nmap -sV <target> to identify open services and versions, including SSL/TLS services.
Command
ping <target_ip>
nmap -sV <target_ip>
Expected result: Target is reachable; you have a list of services and versions.
Step 2 - Select and run an exploit (e.g. SSL-related)
In Metasploit (msfconsole), search for an exploit matching the target service (e.g. SSL/TLS-related modules if the target has a vulnerable SSL service). Set RHOSTS, PAYLOAD (e.g. reverse shell), LHOST/LPORT. Run exploit. Follow any post-exploitation steps in the module.
Command
msfconsole → use <exploit> → set RHOSTS <ip> → set PAYLOAD → set LHOST → run
Expected result: You obtain a shell or session on the target (in your lab only).
Step 3 - Document and clean up
Document the steps you took, the vulnerability used (e.g. SSL exploit), and how the organization would fix it (patch, disable weak cipher, restrict access). If you created backdoors or users, remove them. Report findings as you would in a real pentest.
Command
N/A
Expected result: You have notes suitable for a simple pentest report and have left the lab in a clean state.
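A pre-flight check for Step 1, added here as an example and not part of the original lab: it refuses to ping or scan unless the target is a private (RFC 1918) address inside the lab range you declare. The function names, the script name and the sample range 192.168.56.0/24 in the usage comment are assumptions.

```shell
#!/bin/sh
# Added example (not from the lab): scope guard before Step 1's ping/nmap.
# Usage (constructed values): ./preflight.sh 192.168.56.101 192.168.56.0/24

# Print a dotted-quad IPv4 address as an integer; fail on malformed input.
ip_to_int() {
    case "$1" in ""|*[!0-9.]*|*..*|.*|*.) return 1 ;; esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for o in "$@"; do
        case "$o" in 0?*) return 1 ;; esac      # no leading zeros (octal ambiguity)
        [ "${#o}" -le 3 ] && [ "$o" -le 255 ] || return 1
    done
    echo $(( ($1 << 24) + ($2 << 16) + ($3 << 8) + $4 ))
}

# Succeed if address $1 lies inside CIDR block $2 (e.g. 192.168.56.0/24).
in_cidr() {
    ip=$(ip_to_int "$1") || return 1
    net=$(ip_to_int "${2%/*}") || return 1
    bits=${2#*/}
    case "$bits" in ""|*[!0-9]*|0?*) return 1 ;; esac
    [ "$bits" -le 32 ] || return 1
    shift_by=$(( 32 - bits ))
    [ $(( ip >> shift_by )) -eq $(( net >> shift_by )) ]
}

# Succeed only for a private address inside the declared lab range.
is_lab_target() {
    in_cidr "$1" "$2" || return 1
    in_cidr "$1" 10.0.0.0/8 || in_cidr "$1" 172.16.0.0/12 ||
        in_cidr "$1" 192.168.0.0/16
}

# Run Step 1 only when called with <target_ip> <lab_cidr> and the check passes.
if [ "$#" -eq 2 ]; then
    if ! is_lab_target "$1" "$2"; then
        echo "REFUSED: $1 is not a private address inside $2" >&2
        exit 2
    fi
    ping -c 3 "$1" && nmap -sV "$1"
fi
```

Record the lab range and the script's output in your Step 3 notes so the report shows the scan stayed in scope.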