H 2C: Installing Metasploit and Nmap on a Debian Cloud Server (10 pts)

What you need

A Debian server on the Google Cloud, which you set up in a previous project

Purpose

To get metasploit and Nmap on our Debian cloud server.

I used to use the "Katoolin" tool but it has been deprecated, and the recommended replacement "Tool-X" fails to install the Metasploit dependencies, so it's easier to just install these tools directly.

Google Cloud Server

If you don't have a Google Cloud Server set up, see these instructions.

Google Cloud Platform Console

Open a Web browser to this URL:

https://console.cloud.google.com

On the left side, click "Compute Engine". as shown below.

Installing Metasploit

Execute these commands:

curl https://raw.githubusercontent.com/rapid7/metasploit-omnibus/master/config/templates/metasploit-framework-wrappers/msfupdate.erb > msfinstall chmod 755 msfinstall sudo ./msfinstall

Metasploit installs, as shown below.

Installing Nmap

Execute this command:

sudo apt install nmap

Enter y to install the package, and y again to install the package without verification.

Nmap installs, as shown below.

Finding your Windows Cloud Server's IP Address

In your Google Cloud Platform Console, find your Windows cloud server's IP address, as outlined in red in the image below.

Scanning your Windows Server

Execute these command, replacing the IP address with your Windows cloud server's IP address.

sudo nmap 10.142.0.2

Your server has the usual Microsoft ports open, as shown below.

Find the service name, which is covered by a green box in the image below. Enter it into the form below.

H 2c: Service Name (10 pts)

The flag is the service name covered by a green box in the image above.

Moved to local server 3-21-19
Updated to remove Katoolin 3-25-19
Form removed 7-9-19