Test Scan on Metasploitable2
Adding a Packet Sniffer
To see the attacks that I carried out on my virtual machine, I installed Kali Linux Purple to be my sniffer.
\
Carrying out the Test Scan
Before we carry out the attack, we need to do some preparations! First, we need to know if we can reach metasploitable. To find out this answer, we will use the ping command.
Then, we can use the curl command to see if we can get the webpage of metasploitable
Look like we can reach metasploitable just fine. Now, l’m going start my sniffer in my kali purple.
Now, Let’s carry out our scan.
Using nmap, I’m going to execute this command:
sudo nmap -vvv -Pn -sCV -p0-65535 --reason 192.168.233.139
Scan started:
Packets is getting log:
After a couple of min, the scan is complete and I stop my packet sniffer
Verify the Results
Let check if one of the port that nmap found was open and see if that reflect off of the wireshark.
Let’s see if port 8787 is open on wireshark. To check this, we can use the display filter tcp.port == 8787
As you can see from the picture, metasploit respond with a SYN,ACK. Usually, when a server is closed, it would respond with a RST packet or don’t respond at all.
This is just a preview of what to come from this lab. Thanks for reading