Penetration Testing Part 2

Goal

In this lab you will continue with the penetration activities on Metasploitable. The underlying goals here are:

  1. To continue to develop your comfort working with, and understanding of, penetration tools
  2. To give you a better feel for the breadth and variation of vulnerabilities

Steps

1. You will continue to use the BackTrack5 system and Metasploitable. You will be following this activity:

Exploiting Tomcat, MySQL and TikiWiki

As before, save your results and include them in the lab report.

Notes:

  • You may have to create the directory "/root/ms" for the MySQL operations to work.
2. On the TikiWiki example, after you find the vulnerability, use an exploit to login. You will have to pick a payload, deliver it, and run it.

You will likely find the Metasploit Cheat Sheet very useful (I did).

Questions:

  1. What is the output that shows the password for Tomcat? What is this program doing to try to break in?
  2. What is a scanner?
  3. Consider the "show options" done before running the password checking operation. What is the significance of the "5" for the BRUTEFORCE_SPEED? How might you try to change it, and why, for a real penetration test?
  4. What is Tomcat? What is the nature of this exploit? What could a manager do to protect against this exploit?
  5. Before the MySQL attempt, why are you unsetting the password and username?
  6. Before the MySQL attempt, what is the purpose of the credentials file?
  7. For part 2 above, give a detailed explanation of your break-in.

Turn In

everything by May 2 on Moodle

-- JimSkon - 2012-04-25

Topic revision: r1 - 2012-04-25 - JimSkon
 