Jump to content

Search the Community

Showing results for tags 'metasploitable3'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Talk
    • Everything Else
    • Gaming
    • Questions
    • Business and Enterprise IT
    • Security
    • Hacks & Mods
    • Applications & Coding
    • Trading Post
  • Hak5 Gear
    • Hak5 Cloud C²
    • WiFi Pineapple Mark VII
    • USB Rubber Ducky
    • Bash Bunny
    • Key Croc
    • Packet Squirrel
    • Shark Jack
    • Signal Owl
    • LAN Turtle
    • Screen Crab
    • Plunder Bug
  • O.MG (Mischief Gadgets)
    • O.MG Cable
    • O.MG DemonSeed EDU
  • WiFi Pineapple (previous generations)
    • WiFi Pineapple TETRA
    • WiFi Pineapple NANO
    • WiFi Pineapple Mark V
    • WiFi Pineapple Mark IV
    • Pineapple Modules
    • WiFi Pineapples Mark I, II, III
  • Hak5 Shows
  • Community
    • Forums and Wiki
    • #Hak5
  • Projects
    • SDR - Software Defined Radio
    • Community Projects
    • Interceptor
    • USB Hacks
    • USB Multipass
    • Pandora Timeshifting

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Skype


Location


Interests


Enter a five letter word.

Found 2 results

  1. I'm working through the Metasploitable 3 vulnerabilities. One of the frequent ones I see mentioned is Elasticsearch on port 9200. I can't get nmap to identify that port as Elasticsearch. Even when I do a -A -sV --version-all (and a bunch of other noisy scans) the best it can do is say it's the default wap-wsp port. So, I have 2 questions: Will Elasticsearch always be running on that port? Can anything be preventing nmap from identifying it on 9200? I'm running through virtualbox - I've heard it can drop some packets when looking at wireshark, but I haven't heard whether the VM can affect the scan results. (I've tried running the script_mvel_rce exploit blind... it copies the file but can't execute it).
  2. I'm able to successfully exploit the Apache Struts vulnerability on port 8282 within Metasploitable3. The problem is, I'm not finding a way to detect the vulnerability exists. I've downloaded http-vuln-cve2018-5638 for nmap, but that doesn't show this vulnerability, and I've also attempted struts-pwn with no luck. Additionally, the Nessus scanner shows a critical vulnerability with ManageEngine on that port, which looks like an easy exploit but doesn't indicate Struts is a problem. Nmap shows "Apache Tomcat/Coyote JSP engine 1.1", "Apache-Coyote/1.1", and "Apache Tomcat/8.0.33". Metasploit struts_dmi_rest_exec shows it's vulnerable, and as I stated, I can use this module to exploit the system. Can anyone point me to something outside of a manual check with Metasploit that I can use to check for this vulnerability? Thank you.
×
×
  • Create New...