Student Reviews
( 5 Of 5 )
1 review
Video of Windows Penetration Testing Training Metasploitable 3 Walkthrough in Metasploit Framework course by Motasem Hamdan channel, video No. 16 free certified online
Cyber Security Certification Notes & Cheat Sheets
https://buymeacoffee.com/notescatalog/extras
(2nd link) Cyber Security Certification Notes & Cheat Sheets
https://shop.motasem-notes.net/collections/cyber-security-study-notes
Cyber Security Notes Membership Access
https://buymeacoffee.com/notescatalog/membership
Cybersecurity Direct Coaching & Mentoring
https://shop.motasem-notes.net/collections/coaching-and-mentoring-programs
Download FREE Cyber Security 101 Study Notes
https://buymeacoffee.com/notescatalog/e/290985
Get Strategic cyber security and tech insights weekly to your email by joining my newsletter below
https://buymeacoffee.com/notescatalog/membership
Blog Writeups
https://www.motasem-notes.net
In this video walkthrough, we covered the solution walkthrough for Metasploitable 3 where we discovered a vulnerable Jenkins server as well as vulnerable Apache Tomcat server. Both instances are installed on Windows OS and exploited both using Metasploit and Powershell.i
Writeup
https://motasem-notes.net/learning-windows-server-exploitation-metasploitable-3-walkthrough/
Store
https://buymeacoffee.com/notescatalog/extras
Patreon
https://www.patreon.com/motasemhamdan
Instagram
https://www.instagram.com/motasem.hamdan.tech/
Google Profile
https://maps.app.goo.gl/eLotQQb7Dm6aiL8z6
LinkedIn
[1]: https://www.linkedin.com/in/motasem-hamdan-7673289b/
[2]: https://www.linkedin.com/in/motasem-eldad-ha-bb42481b2/
Instagram
https://www.instagram.com/mastermindstudynotes/
Twitter
https://twitter.com/ManMotasem
Facebook
https://www.facebook.com/motasemhamdantty/
0:00 Introduction to Metasploit and Exploitation
0:13 Setting Up the Windows Target Environment
0:27 Scanning for Open Ports
1:21 Discovering Jenkins Server
1:44 Exploiting Jenkins Default Credentials
2:28 Using Script Console in Jenkins
3:09 Choosing Exploitation Methods: PowerShell vs. Groovy Script
3:29 Creating a Payload with Metasploit
5:15 Setting Up a Python HTTP Server
6:37 Downloading the Payload on the Target Machine
7:54 Executing the Payload in Jenkins
8:46 Troubleshooting Download Errors
10:10 Adjusting PowerShell Command Parameters
12:37 Successfully Downloading the Payload
13:49 Setting Up a Listener in Metasploit
14:49 Gaining Initial Access and Interpreter Session
15:25 Identifying User Privileges
16:12 Moving Towards Privilege Escalation
16:45 Examining Open Ports for Tomcat Server
17:23 Locating Tomcat Configuration Files
18:22 Extracting Plaintext Credentials from Tomcat
19:53 Logging into the Tomcat Manager
20:50 Creating a WAR Payload for Tomcat Exploitation
22:09 Deploying the WAR File and Preparing for Execution