The
hostname should be “ALI”
When completed, you will have one Microsoft
Word document with two screenshots:
1. script.sh (Note: This will be the output of running: “cat
nmap_script.sh” so that I can see your
script
2. Screen output of running script.sh
Use the follow infoseclearning lab: Scanning
the Network on the LAN. Keep in mind that you
will be limited to 90 minutes per lab session
and you will not be able to “copy and paste”
your code – you could, however, take a
screenshot of your code before the lab time expires.
If you feel that you need more time to
practice the lab script, you can download Kali Linux
and use it. Keep in mind your nmap script will
not be the same, so you would have to copy
the script to the infoseclearning environment
before submitting. https://lab.infoseclearning.com/labs
(I will provide you with
user name and password)
LOCAL INSTALLATION USING VIRTUALIZATION
SOFTWARE INSTRUCTIONS
1. Choose your virtualization software (either works fine and they
are both free):
o VirtualBox:
o https://www.virtualbox.org/wiki/Downloads
o VMware Workstation Player:
o https://my.vmware.com/en/web/vmware/free#desktop_end_user_computing/vmw
are_workstation_player/14_0
2. Kali Linux can be downloaded from:
o https://www.offensive-security.com/kali-linux-vm-vmware-virtualbox-hyperv-image-download/
3. Metasploitable can be downloaded from:
o https://sourceforge.net/projects/metasploitable/files/Metasploitable2/
4. If you need additional help installing Kali, please review Kali
Linux Revealed for step-by-step
instructions:
o https://kali.training/downloads/Kali-Linux-Revealed-1st-edition.pdf
INSTRUCTIONS
1. Write a script that will run an Nmap scan of metasploitable.
The script should be named script.sh.
The script is required to do the below. (Hint: These are separate options that
you will need to
configure for your nmap scan)
o Scan only the top 5 ports
o Do not ping
o Get Service versions
o Scan as fast as possible
o Do not resolve names
o Do not invoke the nmap
nse scripts (this means you can’t use the ‘-A’ option)
2. After the nmap scan completes, have the
script automatically attempt to use rlogin
against the metasploitable box. It should
accept the default username that will
automatically be sent. You will need to
provide msfadmin as the password when
prompted
(per the script output below)
o rlogin to the metasploitable machine that you
just scanned with nmap. This should
automatically run as part of the script – do not have the script
prompt you for the target to
Get Free Quote!
353 Experts Online