This project demonstrates a full penetration testing engagement conducted against a vulnerable virtual machine in a controlled lab environment.
The objective was to identify security vulnerabilities, exploit them using standard tools, and document the findings in a structured penetration testing report.
- Perform reconnaissance and identify active hosts
- Conduct port scanning and service enumeration
- Analyze vulnerabilities in exposed services
- Exploit identified vulnerabilities
- Perform post-exploitation activities
- Document findings and provide remediation recommendations
- Nmap: Network scanning and service enumeration
- Metasploit Framework: Exploitation of known vulnerabilities
- arp-scan: Local network host discovery
- Target Machine: Metasploitable 2 VM (192.168.0.4)
- Attacker Machine: Parrot Security Linux VM (192.168.0.6)
- Network: NAT Network
The assessment followed a structured approach aligned with industry practices:
- Reconnaissance
- Scanning & Enumeration
- Vulnerability Analysis
- Exploitation
- Post-Exploitation
| CVE ID | Vulnerability | Impact |
|---|---|---|
| CVE-2011-2525 | vsftpd Backdoor | Full system compromise |
| CVE-2021-44142 | Samba RCE | Remote root access |
| CVE-2012-2925 | Weak Web Applications | Data theft, SQL Injection |
| CVE-2011-4862 | Telnet | Cleartext credentials |
- Identified vulnerable services using scanning techniques
- Exploited Samba vulnerability using Metasploit
- Successfully gained remote shell access to the target system
- Verified system-level access through command execution
- Performed basic privilege escalation checks
- Observed system configuration and environment
- Evaluated potential persistence mechanisms
- Remove or update outdated services (vsftpd, Samba)
- Disable anonymous FTP access
- Replace Telnet with secure alternatives like SSH
- Implement firewall rules and monitoring solutions
- Conduct regular vulnerability assessments
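
One way to re-check the target after applying these recommendations, as an added example that is not part of the original project: the script parses Nmap grepable output (`-oG`) and lists the recommendations whose service is still open. The scan text is constructed, its version strings are placeholders, and the function names are hypothetical.

```python
import re

# Constructed sample of Nmap grepable output (-oG) for the lab target.
# Version strings are placeholders, not values taken from the report.
SAMPLE_SCAN = (
    "Host: 192.168.0.4 ()\tStatus: Up\n"
    "Host: 192.168.0.4 ()\tPorts: 21/open/tcp//ftp//vsftpd X.Y.Z/, "
    "22/open/tcp//ssh//OpenSSH X.Y/, 23/open/tcp//telnet//Linux telnetd/, "
    "139/open/tcp//netbios-ssn//Samba smbd X.Y/, "
    "445/filtered/tcp//microsoft-ds///, 80/open/tcp//http//Apache httpd X.Y/\n"
)

# Remediation items from the list above, keyed by the service name Nmap reports.
REMEDIATION = {
    "ftp": "Remove or update vsftpd; disable anonymous FTP access",
    "telnet": "Replace Telnet with SSH",
    "netbios-ssn": "Remove or update Samba",
    "microsoft-ds": "Remove or update Samba",
}

def parse_grepable(text):
    """Yield (host, port, state, proto, service, version) per port entry."""
    for line in text.splitlines():
        m = re.match(r"Host: (\S+) .*?\tPorts: (.*?)(?:\t|$)", line)
        if not m:
            continue  # status lines and comments carry no port list
        host, ports = m.groups()
        for entry in ports.split(", "):
            # Entry layout: port/state/protocol/owner/service/rpc/version/
            fields = entry.strip().split("/")
            if len(fields) < 7 or not fields[0].isdigit():
                continue  # malformed entry: skip rather than guess
            port, state, proto, _owner, service, _rpc, version = fields[:7]
            yield host, int(port), state, proto, service, version

def outstanding_findings(text):
    """Return remediation items whose service is still reachable (open)."""
    findings = []
    for host, port, state, _proto, service, _version in parse_grepable(text):
        if state == "open" and service in REMEDIATION:
            findings.append((host, port, service, REMEDIATION[service]))
    return findings

if __name__ == "__main__":
    for host, port, service, action in outstanding_findings(SAMPLE_SCAN):
        print(f"{host}:{port} ({service}) still exposed -> {action}")
```

Ports reported as `filtered` are not counted as outstanding, so a firewall rule that blocks a service shows up as a resolved item in the next scan.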
Detailed findings and methodology are documented in the full penetration testing report available in this repository.
This project was conducted in a controlled lab environment for educational purposes only.
No real-world systems were targeted or harmed.
Chirag B S
Ethical Hacker / Cybersecurity Enthusiast