Once you complete this assignment, submit your findings in the following document:Report.docxInstructionsYou’ve been provided full access to the network and are getting ping responses from the CEO’s workstation.Perform a service and version scan using Nmap to determine which services are up and running:Run the Nmap command that performs a service and version scan against the target.Answer:From the previous step, we see that the Icecast service is running. Let’s start by attacking that service. Search for any Icecast exploits:Run the SearchSploit commands to show available Icecast exploits.Answer:Now that we know which exploits are available to us, let’s start Metasploit:Run the command that starts Metasploit:Answer:Search for the Icecast module and load it for use.Run the command to search for the Icecast module:Answer:Run the command to use the Icecast module:Note: Instead of copying the entire path to the module, you can use the number in front of it.Answer:Set the RHOST to the target machine.Run the command that sets the RHOST:Answer:Run the Icecast exploit.Run the command that runs the Icecast exploit.Answer:Run the command that performs a search for the secretfile.txt on the target.Answer:You should now have a Meterpreter session open.Run the command to performs a search for the recipe.txt on the target:Answer:Bonus: Run the command that exfiltrates the recipe*.txt file:Answer:You can also use Meterpreter’s local exploit suggester to find possible exploits.Note: The exploit suggester is just that: a suggestion. Keep in mind that the listed suggestions may not include all available exploits.BonusA. Run a Meterpreter post script that enumerates all logged on users.Answer:B. Open a Meterpreter shell.Answer:C. Run the command that displays the target’s computer system information:Answer:Computer ScienceEngineering & TechnologyPython Programming CMPSC 121
