Exploitation with Metasploit
In this lab, you will learn to leverage the power of Metasploit to identify and exploit vulnerabilities in a WordPress server. Then you will achieve the holy grail of hacking, a reverse shell!
Terms and conditions apply.
Getting Started in the Lab Environment
Here are the initial instructions and explanation of the lab environment. Read this while your environment is busy creating itself from nothing. Yes, this violates physics; we know. How fun!
Configure Metasploit & Import Scan Results
In this challenge, you will start up Metasploit Framework and import targets from a provided NMAP scan.
Scan HTTP services
Leverage multiple modules to analyze the HTTP service running on the target, identify a WordPress server, and brute force the admin login.
Create a Reverse Shell Payload
Choose an exploit that matches the exposed service and attempt to exploit WordPress with plugins and get a reverse shell.
Run Exploit to Achieve Shell
Not everything works the first time. Learn how the exploit works and fix your reverse shell to triumph.
The Last Challenge
The last challenge of this lab and your last chance to experience the environment before clicking Next and ending this small little world that flittered into existence just for you.
Provided environment for hands-on practice
We will provide the credentials and environment necessary for you to practice right within your browser.
Follow along with the author’s guided walkthrough and build something new in your provided environment!
Did you know?
On average, you retain 75% more of your learning if you get time for practice.
- Basic Linux CLI
- Basic understanding of hacking techniques
- Knowledge of standard attack steps in the chain of compromise