00:03
>> Hello, everyone. My name is Dean Pompilio.
00:03
We are about to embark on a Metasploit adventure.
00:03
I've got a bunch of great things I
00:03
want to show all of you.
00:03
We're going to learn a lot of different techniques,
00:03
get to see a lot of different tools,
00:03
and hopefully give you a chance to build up
00:03
your pen testing confidence in your pen
00:03
testing toolkit to the point where you feel
00:03
comfortable sitting down and going to work right away.
00:03
Metasploit. This is a Rapid7 product.
00:03
Some of you may be familiar with the company.
00:03
They also make fantastic scanners like Nexpose.
00:03
Unfortunately, Nexpose is not currently
00:03
compatible with the version of
00:03
Kali that I'm using for this course.
00:03
If I decide to run it on a separate Windows VM later,
00:03
maybe we'll compare some scan results
00:03
between Nexpose and Nessus, for instance.
00:03
In any case, Metasploit is
00:03
the penetration testing
00:03
framework that we'll be exploring.
00:03
There's a lot of different aspects to Metasploit.
00:03
As we can see, there is a free download.
00:03
This is basically the equivalent
00:03
of what you get when you install Kali Linux.
00:03
We'll cover that just here in a minute.
00:03
But the one thing that you can get by
00:03
downloading this free version
00:03
of Metasploit is the community edition,
00:03
which is a web-based interface for Metasploit.
00:03
The web-based interface is
00:03
pretty handy for a lot of different things.
00:03
We'll start out with the text-based interface,
00:03
but eventually we will work our way over to the GUI.
00:03
We'll also explore Armitage,
00:03
which is another GUI interface.
00:03
That one's actually older
00:03
than the web-based interface from my knowledge anyway.
00:03
We'll try both of those.
00:03
Then we'll also do a lot of work with the command line.
00:03
I personally prefer the command line.
00:03
I think that you can
00:03
learn the tool much better and more thoroughly.
00:03
You can also understand at a lower level how
00:03
the different actions take place within
00:03
the framework and the interaction with
00:03
the database is much more direct.
00:03
We'll start there and then work our way up to some of
00:03
the time saving features of using the GUIs.
00:03
If you'll notice, I'm at kali.org.
00:03
This is the website where you can download
00:03
your pen testing platform.
00:03
What we'll be doing here in
00:03
this next segment is going over
00:03
the basic setup to get
00:03
your penetration testing lab up and running.
00:03
There's several components
00:03
which are required in order to
00:03
make this course possible.
00:03
Well, the first thing you want to think
00:03
about is VMware Workstation.
00:03
I have Workstation 12 Pro.
00:03
I highly recommend it if you have the money
00:03
to spend on a product like this.
00:03
It's a huge time saver
00:03
if you do a lot of work with virtual machines.
00:03
I'm not sure about the exact price
00:03
because I've upgraded a few times,
00:03
but I think it's about $250-300.
00:03
Otherwise, if you don't have
00:03
the need to use Workstation Pro,
00:03
you can always go to vmware.com,
00:03
and go to their download section.
00:03
You'll notice that you have VMware player.
00:03
VMware player is free, which is nice.
00:03
You can get this for Windows
00:03
or Linux systems as you can see.
00:03
The player really does offer
00:03
a similar amount of functionality to a workstation.
00:03
Some of the big differences are VMware player does not
00:03
allow you to capture a snapshot, for instance.
00:03
There's a couple other advanced features
00:03
that the workstation offers;
00:03
the ability to have all of
00:03
your VMs in a tabbed interface, for instance,
00:03
and just some other nice features,
00:03
being able to set up a server
00:03
for VMware clients to connect to.
00:03
We're likely going to really use two
00:03
any of those features rather for this course.
00:03
But regardless, VMware players here are available.
00:03
If you have another player that you'd like to use,
00:03
you can certainly try
00:03
to use the same VMs with that player of your choice.
00:03
If you like the Microsoft Hyper-V player
00:03
or VirtualBox from Oracle,
00:03
for instance, you might go to find
00:03
ways to get the software to work.
00:03
But the class is designed around
00:03
VMware Workstation and Kali Linux,
00:03
and they're Metasploitable.
00:03
You might be wondering what Metasploitable is.
00:03
I know I'm jumping around here a little bit,
00:03
but I think you'll agree that
00:03
Metasploitable is a fantastic resource.
00:03
We can see Offensive Security offers this,
00:03
and you can download it
00:03
from a bunch of different places.
00:03
But you do have to register
00:03
with Rapid7's website in order to get Metasploitable.
00:03
What this is, is a virtual machine
00:03
which has intentional vulnerabilities.
00:03
These vulnerabilities are due to things like
00:03
lack of packaging or
00:03
using software that has known bugs that just
00:03
hasn't been removed or shutdown.
00:03
There are several different ways to go about
00:03
attacking this virtual machine.
00:03
I think that if you can
00:03
grab this VM in addition to the Kali VM,
00:03
you should be able to replicate
00:03
all of the labs that we'll be doing
00:03
and the demonstrations that I'll be doing
00:03
throughout this course.
00:03
There are some basic things to think about.
00:03
For instance, let's go back to our Kali Linux.
00:03
We can download Kali Linux from the kali.org website.
00:03
You'll notice we have several different versions here.
00:03
Depending on if you have
00:03
VMware Workstation or VMware player,
00:03
you can download pre-built virtual machines
00:03
that will work with those pieces of software.
00:03
I have a little bit of trouble
00:03
with the latest version of Kali,
00:03
downloading it as a VMware image.
00:03
Downloading the ISO image is pretty straightforward.
00:03
You simply download this,
00:03
save it to a location of your choosing,
00:03
just going to cancel that since I don't need it,
00:03
and then you simply open up the image
00:03
in your VMware player or in VMware Workstation.
00:03
Going back to workstation.
00:03
Once I have the ISO image downloaded,
00:03
I just create a new virtual machine.
00:03
This is similar if you have VMware player.
00:03
Then we just point it to
00:03
the ISO image file, wherever that is.
00:03
There's my Kali Linux ISO image.
00:03
It'll take a moment to read the file.
00:03
It tells me it cannot detect the operating system.
00:03
If you're using VMware player
00:03
and you want to do the same operation,
00:03
you basically go to the File menu.
00:03
There should be an option there that says Open
00:03
or New, and you do the same thing,
00:03
you point to the ISO image.
00:03
We'll click "Next".
00:03
This is a guest operating system of Linux,
00:03
Debian 6 64-bit, should do the job.
00:03
You have a lot to choose from here.
00:03
But Kali Linux is based on Debian,
00:03
and version 6 64-bit is
00:03
the setting that I use with the last version.
00:03
We'll go ahead and click "Next".
00:03
I'll call this Kali test
00:03
because I already have my Kali image,
00:03
but we're going to just step through this
00:03
a little bit so you can see what it looks like.
00:03
The default comes up with 20 gig.
00:03
If you've got the space on your hard drive,
00:03
I recommend upping that to 30.
00:03
You can also use the buttons here if you'd like.
00:03
But 30 gig is good because if you build
00:03
a fully functional pen testing instance
00:03
of Kali and you start adding more tools,
00:03
and if I've got some databases,
00:03
once you review information,
00:03
the size can grow, it's better to just plan ahead.
00:03
I always prefer to have my disk as a single file
00:03
if you're moving VMs around.
00:03
This is a little bit more convenient,
00:03
and depending on how you partition your disk
00:03
or how you provision your disk rather,
00:03
you might have some different considerations
00:03
for how much space you'll eventually use.
00:03
I always change this to store the disk
00:03
as a single file.
00:03
We'll look at hardware.
00:03
Notice that the network setting is NAT.
00:03
I'm at my settings for the VM right now.
00:03
If you want to keep your pen testing
00:03
VM relatively safe from the network that you're on,
00:03
you should at least be using NAT mode.
00:03
This means that I'll be sharing my IP address
00:03
I am allowed to get out to the Internet from this VM.
00:03
But I'm just basically using different source ports
00:03
when I make a connection to the outside.
00:03
If you're concerned about complete isolation
00:03
and complete privacy for doing
00:03
your pen testing work,
00:03
then you can go into host only mode.
00:03
When the VM boots, it'll get an address
00:03
that's local to your host itself
00:03
and cannot get to the outside network.
00:03
For our purposes, we're going to use
00:03
NAT because we want to be able to get to the Internet.
00:03
We want to be able to do certain things
00:03
which require Internet access.
00:03
By the way, got a great t-shirt on here.
00:03
I want to show everyone. Hope you're
00:03
having fun with the Cybrary.
00:03
I know it's a nice pleasure
00:03
to be able to contribute to the videos.
00:03
I know a lot of people really
00:03
are getting a lot of benefit from this.